Relevant BUGIDs: Novell #81690

Purpose of commit: bugfix

Commit summary:
---------------

If the process priority is not specified in the limits.conf file,
pam_limits should not reset the current one to zero.

diff --git a/CHANGELOG b/CHANGELOG
index bd193b76ac088a836f2377cc5196d043c4a5ca59..0695b7f333cb25487bb1cd3eab7f3c86fc58bc64 100644 (file)
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -83,6 +83,8 @@ BerliOS Bugs are marked with (BerliOS #XXXX).
   root and target user is not (t8m)
 * pam_access: Add listsep option to set list element separator by
   Richard Shaffer (t8m)
+* pam_limits: Don't reset process priority if none is specified in
+  the config file (Novell #81690 - kukuk)
 
 0.79: Thu Mar 31 16:48:45 CEST 2005
 * pam_tally: added audit option (toady)

diff --git a/modules/pam_limits/README b/modules/pam_limits/README
index 32afb197622243a8aa0945ea51c9fa8ec06a4365..ac37afe1081d94d88bcfe3ae04043d82772831e9 100644 (file)
--- a/modules/pam_limits/README
+++ b/modules/pam_limits/README
@@ -6,8 +6,8 @@ THEORY OF OPERATION:
 
 First, make a root-only-readable file (/etc/security/limits.conf by
 default or INSTALLED_CONFILE defined Makefile) that describes the
-resource limits you wish to impose. No limits are imposed on UID 0
-accounts.
+resource limits you wish to impose. No priority changes and login 
+limit checks are done on UID 0 accounts.
 
 Each line describes a limit for a user in the form:
 

diff --git a/modules/pam_limits/pam_limits.c b/modules/pam_limits/pam_limits.c
index f7b228b8a5c91061bdc6f81147e289a21f92985b..eec3917a6cdba79f36b24907b410d89cbe109e21 100644 (file)
--- a/modules/pam_limits/pam_limits.c
+++ b/modules/pam_limits/pam_limits.c
@@ -248,7 +248,10 @@ static int init_limits(struct pam_limit_s *pl)
        }
     }
 
-    pl->priority = 0;
+    errno = 0;
+    pl->priority = getpriority (PRIO_PROCESS, 0);
+    if (pl->priority == -1 && errno != 0)
+      retval = !PAM_SUCCESS;
     pl->login_limit = -2;
     pl->login_limit_def = LIMITS_DEF_NONE;