CentOS 6.x 90-nproc.conf 覆盖limits.conf考证

2024-01-10 09:27:50 浏览数 (2)

CentOS 6.x一直有/etc/security/limits.d/90-nproc.conf 文件问题覆盖/etc/security/limits.conf设置问题,导致配置不生效。limit在限制的时候先读取的是90-nproc.conf ,导致limits.conf设置不生效。解决办法可以是:

1. 两个文件保持一致

2. 配置的时候依据90-nproc.conf为准

3. 删除90-nproc.conf

下来考证一下。

6.0

http://vault.centos.org/6.0/os/x86_64/Packages/pam-1.1.1-4.el6.x86_64.rpm

代码语言:javascript复制
[root@VM_0_33_centos tmp]# rpm2cpio pam-1.1.1-4.el6.x86_64.rpm |cpio -div 
./etc/pam.d
./etc/pam.d/config-util
./etc/pam.d/fingerprint-auth
./etc/pam.d/other
./etc/pam.d/password-auth
./etc/pam.d/smartcard-auth
./etc/pam.d/system-auth
./etc/security
./etc/security/access.conf
./etc/security/chroot.conf
./etc/security/console.apps
./etc/security/console.handlers
./etc/security/console.perms
./etc/security/console.perms.d
./etc/security/group.conf
./etc/security/limits.conf
./etc/security/limits.d
./etc/security/limits.d/90-nproc.conf  << 

6.1

http://vault.centos.org/6.1/os/x86_64/Packages/pam-1.1.1-8.el6.x86_64.rpm

代码语言:javascript复制
[root@VM_0_33_centos tmp]# rpm2cpio pam-1.1.1-8.el6.x86_64.rpm | cpio -div 
./etc/pam.d
./etc/pam.d/config-util
./etc/pam.d/fingerprint-auth
./etc/pam.d/other
./etc/pam.d/password-auth
./etc/pam.d/smartcard-auth
./etc/pam.d/system-auth
./etc/security
./etc/security/access.conf
./etc/security/chroot.conf
./etc/security/console.apps
./etc/security/console.handlers
./etc/security/console.perms
./etc/security/console.perms.d
./etc/security/group.conf
./etc/security/limits.conf
./etc/security/limits.d
./etc/security/limits.d/90-nproc.conf  << 
./etc/security/namespace.conf

6.10

http://mirrors.tencent.com/centos/6.10/os/x86_64/Packages/pam-1.1.1-24.el6.x86_64.rpm

代码语言:javascript复制
[root@VM_0_33_centos tmp]# rpm2cpio pam-1.1.1-24.el6.x86_64.rpm | cpio -div 
./etc/pam.d
./etc/pam.d/config-util
./etc/pam.d/fingerprint-auth
./etc/pam.d/other
./etc/pam.d/password-auth
./etc/pam.d/smartcard-auth
./etc/pam.d/system-auth
./etc/security
./etc/security/access.conf
./etc/security/chroot.conf
./etc/security/console.apps
./etc/security/console.handlers
./etc/security/console.perms
./etc/security/console.perms.d
./etc/security/group.conf
./etc/security/limits.conf
./etc/security/limits.d
./etc/security/limits.d/90-nproc.conf  <<

结论:

CentOS 6.x一直有90-nproc.conf文件问题,90-nproc.conf文件会覆盖/etc/security/limits.conf。

https://bugzilla.redhat.com/show_bug.cgi?id=919793

代码语言:shell复制
Description of problem:
​
/etc/security/limits.d/90-nproc.conf was introduced in pam package in RH6. It contains this line:
​
# Default limit for number of user's processes to prevent
# accidental fork bombs.
# See rhbz #432903 for reasoning.
​
*          soft    nproc     1024
​
​
This line overrides the conventionally set /etc/security/limits.conf value of the same name. Years of expected behavior are thrown out the window and honest system administrators are exposed to outages on Redhat 6!<<简直人神共愤!

0 人点赞