
Resource management using PAM

Author: 보안

Hello.

I have a PAM question from page 32 of the book.

ulimit works fine.

But PAM doesn't seem to be working.

[root@root ~]# cat /etc/pam.d/login
#%PAM-1.0
auth       required     pam_securetty.so
auth       required     pam_stack.so service=system-auth
auth       required     pam_nologin.so
account    required     pam_stack.so service=system-auth
password   required     pam_stack.so service=system-auth
# pam_selinux.so close should be the first session rule
session    required     pam_selinux.so close
session    required     pam_stack.so service=system-auth
session    optional     pam_console.so
# pam_selinux.so open should be the last session rule
session    required     pam_selinux.so multiple open
session    required     /lib/security/pam_limits.so   -> added as shown in the book

Next, here are the contents of the limits.conf file:

[root@root ~]# cat /etc/security/limits.conf
# /etc/security/limits.conf
#
#Each line describes a limit for a user in the form:
#
#<domain>        <type>  <item>  <value>
#
#Where:
#<domain> can be:
#        - an user name
#        - a group name, with @group syntax
#        - the wildcard *, for default entry
#        - the wildcard %, can be also used with %group syntax,
#                 for maxlogin limit
#
#<type> can have the two values:
#        - "soft" for enforcing the soft limits
#        - "hard" for enforcing hard limits
#
#<item> can be one of the following:
#        - core - limits the core file size (KB)
#        - data - max data size (KB)
#        - fsize - maximum filesize (KB)
#        - memlock - max locked-in-memory address space (KB)
#        - nofile - max number of open files
#        - rss - max resident set size (KB)
#        - stack - max stack size (KB)
#        - cpu - max CPU time (MIN)
#        - nproc - max number of processes
#        - as - address space limit
#        - maxlogins - max number of logins for this user
#        - priority - the priority to run user process with
#        - locks - max number of file locks the user can hold
#
#<domain>      <type>  <item>         <value>
#

*               soft    core            0
*               hard    rss             10000
@student        hard    nproc           20
@faculty        soft    nproc           20
@faculty        hard    nproc           50
ftp             hard    nproc           0
@student        -       maxlogins       4

Next, I tried connecting through sshd.

Then I checked the log:

cat /var/log/messages

Only the last few lines:

nknown host to TCP port: 111 (accept failed)
Dec  9 20:21:01 root last message repeated 614 times
Dec  9 20:21:01 root crond(pam_unix)[3588]: session closed for user root
Dec  9 20:21:01 root portsentry[2690]: attackalert: Possible stealth scan from unknown host to TCP port: 111 (accept failed)
Dec  9 20:21:01 root last message repeated 10 times
Dec  9 20:21:01 root su(pam_unix)[3594]: session closed for user root
Dec  9 20:21:01 root crond(pam_unix)[3587]: session closed for user root
Dec  9 20:21:01 root portsentry[2690]: attackalert: Possible stealth scan from unknown host to TCP port: 111 (accept failed)

Maybe the pam_limits module didn't load; nothing about it shows up in the log.

I'm using Fedora 3.
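
Added example, not part of the original post: each PAM-aware service reads its own file under /etc/pam.d, so a pam_limits.so line in login does not by itself cover sessions opened through sshd. The function below checks whether a service's session stack reaches pam_limits.so, following pam_stack.so service= and include indirection; the helper names and the sshd and system-auth contents are constructed assumptions, not the poster's files.

```shell
#!/bin/sh
# stack_has_limits SERVICE [DIR] [DEPTH]
# Exit 0 if SERVICE's active session lines reach pam_limits.so, 1 if not,
# 2 if the service file is missing. Body runs in a subshell so recursion is safe.
stack_has_limits() (
    svc=$1 dir=${2:-/etc/pam.d} depth=${3:-0}
    [ -r "$dir/$svc" ] || exit 2
    [ "$depth" -lt 5 ] || exit 1          # guard against include loops
    # Drop comments, keep only session lines.
    lines=$(sed -e 's/#.*//' "$dir/$svc" | awk '$1 == "session" || $1 == "-session"')
    # Direct reference, with or without a /lib/security/ path prefix.
    if printf '%s\n' "$lines" | grep -Eq '(^|[[:space:]/])pam_limits\.so([[:space:]]|$)'; then
        exit 0
    fi
    # Indirect reference: pam_stack.so service=NAME, or include/substack NAME.
    nested=$(printf '%s\n' "$lines" | awk '
        $3 ~ /pam_stack\.so$/ { for (i = 4; i <= NF; i++) if (sub(/^service=/, "", $i)) print $i }
        $2 == "include" || $2 == "substack" { print $3 }')
    for n in $nested; do
        stack_has_limits "$n" "$dir" $((depth + 1)) && exit 0
    done
    exit 1
)

# Build a throwaway sample directory and print its path.
make_sample_dir() {
    d=$(mktemp -d) || return 1
    # login: session lines as posted above.
    cat > "$d/login" <<'EOF'
session    required     pam_stack.so service=system-auth
session    required     pam_selinux.so multiple open
session    required     /lib/security/pam_limits.so
EOF
    # sshd and system-auth: constructed for this example.
    cat > "$d/sshd" <<'EOF'
session    required     pam_stack.so service=system-auth
EOF
    cat > "$d/system-auth" <<'EOF'
session    required     pam_unix.so
# session  required     pam_limits.so
EOF
    echo "$d"
}

sample=$(make_sample_dir)
for s in login sshd; do
    if stack_has_limits "$s" "$sample"; then echo "$s: pam_limits.so reached"
    else echo "$s: pam_limits.so NOT reached"; fi
done
rm -rf "$sample"
```

Called with only a service name, for example `stack_has_limits sshd`, the function reads the live /etc/pam.d.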

 
