Lorietta,
On Fri, Nov 24, 2023 at 03:52:58AM +0000, meow wrote:
> Example: Local DoS attack due to lack of PAM limits.
> I think it’s safe to either include limits.so in /etc/pam. d/other, or
> add a configuration for supervise-daemon.
> Also, I have a question. What exactly is incompatible with debian in
> the upstream version of this file? I added this file to my system and
> everything works well, limits are applied and supervise-daemon
> continues in normal mode.
Debian uses pam-auth-update(8) to manage the addition of modules to
/etc/pam.d/common-*. That will not work with the supplied upstream pam config.
I am not a pam expert, but I *think* the Debian approach should be something
like
@include common-auth
@include common-account
@include common-password
session optional pam_limits.so
Does that work for you?
Thanks
Mark