Control: retitle -1 pam: 027_pam_limits_better_init_allow_explicit_root is having serious negative interactions with SystemD 240
Hello, On Wed, Dec 26, 2018 at 02:11:23PM -0500, Christian Weeks wrote: > The SystemD 240 update has changed the handling of NOFILE for the init > process and processes it directly spawns. > See: https://github.com/systemd/systemd/pull/10244 > Unfortunately, it seems that the patch above, which is forcing NOFILE to > "infinity" (effectively 1G?) is now having a serious adverse effect on > various processes that are spawned by SystemD directly, see: > https://github.com/systemd/systemd/issues/10921 and a KDE init bug > similarly. > I can't find a bug reporting this to debian, even though the root cause > seems to be this patch to force "infinity" onto PID 1. > Hope this helps. I am aware of https://github.com/systemd/systemd/issues/10921 and see that you commented on that PR before you filed this one here, but you have attributed the root cause to the wrong patch. Retitling this bug. This will take some time to fix correctly; I don't agree with systemd upstream's analysis that PAM should not reset limits, but clearly the limits we are ending up with have negative consequences at present. I think it is also unequivocally a bug in the other packages to perform any operations based on the NOFILE hard limit instead of the soft limit, and those packages should also be fixed regardless as this is a latent bug whether or not we change the default hard limit in Debian back down. -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. Ubuntu Developer https://www.debian.org/ slanga...@ubuntu.com vor...@debian.org
signature.asc
Description: PGP signature
