From 819aa33df8bd97e7adba17f4c2d549e17981bf47 Mon Sep 17 00:00:00 2001
From: Steve Langasek <vorlon@debian.org>
Date: Mon, 2 Mar 2009 02:29:36 -0800
Subject: 027_pam_limits_better_init_allow_explicit_root: also fix the patch so
 that our limit resets are actually *applied*, which has apparently been
 broken for who knows how long!

---
 debian/changelog                                   |  3 +++
 .../027_pam_limits_better_init_allow_explicit_root | 24 ++++++++++++++--------
 2 files changed, 19 insertions(+), 8 deletions(-)

diff --git a/debian/changelog b/debian/changelog
index 4e6a1702..4f0bddf3 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -5,6 +5,9 @@ pam (1.0.1-7) UNRELEASED; urgency=low
     of 1024 by default; try to set this limit to the value of
     /proc/sys/fs/nr_open if we can, or fall back to RLIM_INFINITY.
     Closes: #515673, LP: #327597.
+  * 027_pam_limits_better_init_allow_explicit_root: also fix the patch so
+    that our limit resets are actually *applied*, which has apparently been
+    broken for who knows how long!
 
  -- Steve Langasek <vorlon@debian.org>  Mon, 02 Mar 2009 01:07:43 -0800
 
diff --git a/debian/patches-applied/027_pam_limits_better_init_allow_explicit_root b/debian/patches-applied/027_pam_limits_better_init_allow_explicit_root
index f12ead7c..9f6304f3 100644
--- a/debian/patches-applied/027_pam_limits_better_init_allow_explicit_root
+++ b/debian/patches-applied/027_pam_limits_better_init_allow_explicit_root
@@ -49,10 +49,14 @@ Index: pam.deb/modules/pam_limits/pam_limits.c
      for(i = 0; i < RLIM_NLIMITS; i++) {
  	int r = getrlimit(i, &pl->limits[i].limit);
  	if (r == -1) {
-@@ -242,6 +263,41 @@
+@@ -240,8 +261,47 @@
+ 	    }
+ 	} else {
  	    pl->limits[i].supported = 1;
- 	    pl->limits[i].src_soft = LIMITS_DEF_NONE;
- 	    pl->limits[i].src_hard = LIMITS_DEF_NONE;
+-	    pl->limits[i].src_soft = LIMITS_DEF_NONE;
+-	    pl->limits[i].src_hard = LIMITS_DEF_NONE;
++	    pl->limits[i].src_soft = LIMITS_DEF_ALL;
++	    pl->limits[i].src_hard = LIMITS_DEF_ALL;
 +	    switch(i) {
 +		case RLIMIT_CPU:
 +		case RLIMIT_FSIZE:
@@ -87,11 +91,15 @@ Index: pam.deb/modules/pam_limits/pam_limits.c
 +		    pl->limits[i].limit.rlim_cur = 1024;
 +		    pl->limits[i].limit.rlim_max = nofiles_max;
 +		    break;
++		default:
++		    pl->limits[i].src_soft = LIMITS_DEF_NONE;
++		    pl->limits[i].src_hard = LIMITS_DEF_NONE;
++		    break;
 +	    }
  	}
      }
  
-@@ -524,7 +580,7 @@
+@@ -524,7 +584,7 @@
  
              if (strcmp(uname, domain) == 0) /* this user have a limit */
                  process_limit(pamh, LIMITS_DEF_USER, ltype, item, value, ctrl, pl);
@@ -100,7 +108,7 @@ Index: pam.deb/modules/pam_limits/pam_limits.c
  		    if (ctrl & PAM_DEBUG_ARG) {
  			pam_syslog(pamh, LOG_DEBUG,
  				   "checking if %s is in group %s",
-@@ -533,7 +589,7 @@
+@@ -533,7 +593,7 @@
                  if (pam_modutil_user_in_group_nam_nam(pamh, uname, domain+1))
                      process_limit(pamh, LIMITS_DEF_GROUP, ltype, item, value, ctrl,
  				  pl);
@@ -109,7 +117,7 @@ Index: pam.deb/modules/pam_limits/pam_limits.c
  		    if (ctrl & PAM_DEBUG_ARG) {
  			pam_syslog(pamh, LOG_DEBUG,
  				   "checking if %s is in group %s",
-@@ -547,7 +603,7 @@
+@@ -547,7 +607,7 @@
                      process_limit(pamh, LIMITS_DEF_ALLGROUP, ltype, item, value, ctrl,
  				  pl);
  		}
@@ -118,7 +126,7 @@ Index: pam.deb/modules/pam_limits/pam_limits.c
                  process_limit(pamh, LIMITS_DEF_DEFAULT, ltype, item, value, ctrl,
  			      pl);
  	} else if (i == 2 && ltype[0] == '-') { /* Probably a no-limit line */
-@@ -582,6 +638,12 @@
+@@ -582,6 +642,12 @@
      int status;
      int retval = LIMITED_OK;
  
@@ -131,7 +139,7 @@ Index: pam.deb/modules/pam_limits/pam_limits.c
      for (i=0, status=LIMITED_OK; i<RLIM_NLIMITS; i++) {
  	if (!pl->limits[i].supported) {
  	    /* skip it if its not known to the system */
-@@ -675,6 +737,8 @@
+@@ -675,6 +741,8 @@
          return PAM_ABORT;
      }
  
-- 
cgit v1.2.3