linux下limits.conf 修改不生效的原因

步骤一: 在/etc/pam.d/login 文件中末尾添加一行

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
[weblogic@kjgl-web ~]$ cat  /etc/pam.d/login 
#%PAM-1.0
auth [user_unknown=ignore success=ok ignore=ignore default=bad] pam_securetty.so
auth include system-auth
account required pam_nologin.so
account include system-auth
password include system-auth
# pam_selinux.so close should be the first session rule
session required pam_selinux.so close
session required pam_loginuid.so
session optional pam_console.so
# pam_selinux.so open should only be followed by sessions to be executed in the user context
session required pam_selinux.so open
session required pam_namespace.so
session optional pam_keyinit.so force revoke
session include system-auth
-session optional pam_ck_connector.so
session required pam_limits.so #要有这一行

步骤二:在/etc/pam.d/sshd 文件中末尾添加一行

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
[weblogic@kjgl-web ~]$ cat /etc/pam.d/sshd   #这个文件就新建一个,添加如下内容
#%PAM-1.0
auth required pam_sepermit.so
auth include password-auth
account required pam_nologin.so
account include password-auth
password include password-auth
# pam_selinux.so close should be the first session rule
session required pam_selinux.so close
session required pam_loginuid.so
# pam_selinux.so open should only be followed by sessions to be executed in the user context
session required pam_selinux.so open env_params
session required pam_namespace.so
session optional pam_keyinit.so force revoke
session include password-auth
session required pam_limits.so #要有这一行

步骤三:修改sshd的配置文件,开启PAM功能

1
2
3
4
5
6
7
8
9
[weblogic@kjgl-web ~]$ grep -n Use /etc/ssh/sshd_config 
46:#AuthorizedKeysCommandUser nobody
52:#IgnoreUserKnownHosts no
82:UsePAM yes #开启
83:UseLogin yes #开启
91:#X11UseLocalhost yes
96:#PermitUserEnvironment no
100:#UseDNS no
114:#Match User anoncvs

步骤四:重启sshd 即可

1
/etc/init.d/sshd restart
# linux
Your browser is out-of-date!

Update your browser to view this website correctly. Update my browser now

×