:: [devuan-dev] bug#805: openrc: super…
Página superior
Este mensaje es parte del siguiente hilo:
MEl árbol completo de hilos, ordenados por fecha
M\meow, mensaje del <-
MMmeow, mensaje del ->
Eliminar este mensaje
Responder a este mensaje
Autor: Mark Hindley
Fecha:  
A: meow
Cc: 805
Asunto: [devuan-dev] bug#805: openrc: supervise-daemon: missing PAM configuration
Lorietta,

On Fri, Nov 24, 2023 at 03:52:58AM +0000, meow wrote:
>    Example: Local DoS attack due to lack of PAM limits.
>    I think it’s safe to either include limits.so in /etc/pam. d/other, or
>    add a configuration for supervise-daemon.
>    Also, I have a question. What exactly is incompatible with debian in
>    the upstream version of this file? I added this file to my system and
>    everything works well, limits are applied and supervise-daemon
>    continues in normal mode.

Debian uses pam-auth-update(8) to manage the addition of modules to
/etc/pam.d/common-*. That will not work with the supplied upstream pam config.

I am not a pam expert, but I *think* the Debian approach should be something
like 


@include common-auth
@include common-account
@include common-password
session         optional        pam_limits.so


Does that work for you?

Thanks

Mark
Este mensaje se envió a las siguientes listas de correo:
devuan-dev
Información de la lista de correo | Mensajes cercanos		<-[devuan-dev] bug#802: openrc: openrc-run: to many broken options[devuan-dev] Processed: close 801->

Donate to Dyne.org

dyne.org open discussions
administrado por dyne.org hackers		Lurker (versión 2.3)