Bug 3793 - 'smbd' doesn't apply '/etc/security/limits.conf' when changing users
'smbd' doesn't apply '/etc/security/limits.conf' when changing users
Status: NEW
Product: Samba 3.0
Classification: Unclassified
Component: File Services
3.0.10
x64 Linux
: P3 normal
: none
Assigned To: Samba Bugzilla Account
Samba QA Contact
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2006-05-21 22:45 UTC by starlight
Modified: 2006-05-21 22:45 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description starlight 2006-05-21 22:45:42 UTC
This is a bit esoteric, but I suspect it matters.

'smbd' doesn't appear to use 'pam' to establish the per-user 
limits established in '/etc/security/limits.conf' when assuming 
a user-id.

I discovered this while developing a daemon that creates 10,000 
threads. Had to increase the 'ulimit' value for processes like 
so:

testuser hard nproc unlimited
testuser soft nproc unlimited

Neglicted to do the same for 'root', and discovered that 'smbd'
blows up with

[2006/05/21 23:03:02, 0] lib/util_sec.c:assert_uid(95)     
  Failed to set uid privileges to (-1,500) now set to (0,0)

while trying to become my user-id during an access attempt from 
the windows box.  Applying the above limits to 'root' and 
restarting 'smbd' from a 'root' logon using the 
'/etc/rc.d/init.d/smb' script fixes the problem, and I interpret 
this to mean that the user limits are not applied by Samba when 
switching.  Didn't look at the source however.

Running CentOS 4.3 (RHEL 4, update 3)
samba-3.0.10-1.4E.6
AMD 'x86_64'