On May 5, 2014, at 1:14 PM, Stephen Harris <lists at spuddy.org> wrote: > On Mon, May 05, 2014 at 12:44:01PM -0600, Nathan Duehr wrote: >> Not processes started that change to a non-root user from a root/init/rc >> script. No session. At least not from what I was seeing in 5.10. >> Intended or not, it wasn't behaving like PAM was ever involved. :-) > > If you're doing it as "su user" then pam.d/su is called which calls > system-auth which calls pam_limits. If you're doing it as "runuser" > then pam.d/runuser is called which directly calls pam_limits > > If your program just does setreuid() calls (which it can do if started as > root, or is setuid) then it's not going near PAM and so will inherit > the kernel defaults (if started by init) or the user current values > (if started by a user). Yup... guess which one Asterisk did back in 1.4 ? :-) (Yeah it's ancient... [insert usual operational excuses here].) -- Nate Duehr denverpilot at me.com