From fa433b9e2fa1a00e13df36a8b709ffda9e3e715b Mon Sep 17 00:00:00 2001 From: Thorsten Kukuk Date: Tue, 7 Jun 2005 07:41:23 +0000 Subject: Relevant BUGIDs: Novell #81690 Purpose of commit: bugfix Commit summary: --------------- If the process priority is not specified in the limits.conf file, pam_limits should not reset the current one to zero. --- modules/pam_limits/README | 4 ++-- modules/pam_limits/pam_limits.c | 5 ++++- 2 files changed, 6 insertions(+), 3 deletions(-) (limited to 'modules/pam_limits') diff --git a/modules/pam_limits/README b/modules/pam_limits/README index 32afb197..ac37afe1 100644 --- a/modules/pam_limits/README +++ b/modules/pam_limits/README @@ -6,8 +6,8 @@ THEORY OF OPERATION: First, make a root-only-readable file (/etc/security/limits.conf by default or INSTALLED_CONFILE defined Makefile) that describes the -resource limits you wish to impose. No limits are imposed on UID 0 -accounts. +resource limits you wish to impose. No priority changes and login +limit checks are done on UID 0 accounts. Each line describes a limit for a user in the form: diff --git a/modules/pam_limits/pam_limits.c b/modules/pam_limits/pam_limits.c index f7b228b8..eec3917a 100644 --- a/modules/pam_limits/pam_limits.c +++ b/modules/pam_limits/pam_limits.c @@ -248,7 +248,10 @@ static int init_limits(struct pam_limit_s *pl) } } - pl->priority = 0; + errno = 0; + pl->priority = getpriority (PRIO_PROCESS, 0); + if (pl->priority == -1 && errno != 0) + retval = !PAM_SUCCESS; pl->login_limit = -2; pl->login_limit_def = LIMITS_DEF_NONE; -- cgit v1.2.3