summaryrefslogtreecommitdiff
path: root/debian/patches-applied/027_pam_limits_better_init_allow_explicit_root
Commit message (Collapse)AuthorAge
* Refresh patchesSteve Langasek2019-01-24
|
* Refresh patchesSteve Langasek2019-01-08
|
* make sure we're passing ctrl to the function if we need to check PAM_DEBUGSteve Langasek2019-01-08
|
* debian/patches-applied/027_pam_limits_better_init_allow_explicit_root:Steve Langasek2019-01-08
| | | | | | don't reset the process niceness for root; since it's root, they can still renice to a lower nice level if they need to and changing the nice level by default is unexpected behavior. Closes: #594377.
* * debian/patches-applied/027_pam_limits_better_init_allow_explicit_root:Kees Cook2019-01-08
| | | | | - only report about unknown kernel rlimits when "debug" is set (Closes: 625226, LP: #794531).
* debian/patches-applied/027_pam_limits_better_init_allow_explicit_root:Steve Langasek2019-01-08
| | | | | set a better default RLIMIT_MEMLOCK value for BSD kernels. Thanks to Petr Salinger for the fix. Closes: #602902.
* update the existing 027_pam_limits_better_init_allow_explicit_root patchSteve Langasek2019-01-08
| | | | | | instead of creating a new parse-kernel-rlimits.patch, to keep these changes logically grouped together; and add a DEP3 patch header here since we didn't have one before
* Include changes to pam_limits/README in the patch, since they end up in theSteve Langasek2019-01-08
| | | | | package anyway and this gives us a cleaner ./debian/rules clean
* refresh other patches for new upstream releaseSteve Langasek2019-01-08
|
* 027_pam_limits_better_init_allow_explicit_root: defaults need to beSteve Langasek2019-01-08
| | | | | declared as LIMITS_DEF_DEFAULT instead of LIMITS_DEF_ALL, otherwise global limits will fail to be applied. LP: #314222.
* 027_pam_limits_better_init_allow_explicit_root: set the RLIMIT_MEMLOCKSteve Langasek2019-01-08
| | | | limit correctly to match the kernel default, which is not RLIM_INFINITY.
* include documentation in the patch, giving examples of how to set Steve Langasek2019-01-08
| | | | limits for root. Thanks to Jonathan Marsden.
* revert the 'fix' for bug #515673, since this isn't really a bug at all.Steve Langasek2019-01-08
|
* shadow the finite kernel defaults for RLIMIT_SIGPENDING andSteve Langasek2019-01-08
| | | | | RLIMIT_MSGQUEUE as well, so that the preceding changes don't suddenly expose systems to DoS or other issues.
* 027_pam_limits_better_init_allow_explicit_root: also fix the patch soSteve Langasek2019-01-08
| | | | | that our limit resets are actually *applied*, which has apparently been broken for who knows how long!
* 027_pam_limits_better_init_allow_explicit_root: RLIM_INFINITY may or maySteve Langasek2019-01-08
| | | | | | | not be invalid for RLIMIT_NOFILE, but we don't want to set a hard limit of 1024 by default; try to set this limit to the value of /proc/sys/fs/nr_open if we can, or fall back to RLIM_INFINITY. Closes: #515673, LP: #327597.
* refresh patches for new upstream versionSteve Langasek2019-01-03
|
* 027_pam_limits_better_init_allow_explicit_root: RLIM_INFINITY is alsoSteve Langasek2019-01-03
| | | | | invalid for RLIMIT_NOFILE, so when resetting the limits for a new session, use the kernel default of 1024 instead. Closes: #404836.
* refresh patches for new upstream versionSteve Langasek2019-01-03
|
* fix-up commit for grafting svn history onto git historySteve Langasek2019-01-02