[LAU] memlock limits not set correctly?

[Bill Gribble]

On 1/17/19 5:41 PM, David wrote:
> On Thu, 17 Jan 2019 at 23:22, Bill Gribble<grib at billgribble.com>  wrote:
>> I have opened a Debian bug report against the "libpam-modules" package
>> (containing pam_limits.so, the module that actually reads and applies
>> the /etc/security/limits.{conf,d} limits).  We'll see what happens!
> For the benefit of other readers, I guess that would be this one:
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919528

That's the one.  To summarize my later findings for posterity, this 
isn't a "bug" in libpam-modules per se but a known bad-interaction 
between systemd and gnome.

In short, systemd implements its own system for setting process limits 
on login, and /etc/security/limits.* are obsolete.

Here's the Link I Needed To Find:

https://bugzilla.redhat.com/show_bug.cgi?id=1364332

The bummer is that systemd's mechanism for setting limits is less 
powerful than the limits.conf style and doesn't permit setting limits 
for users based on group membership.

I still haven't nailed the workaround (the ideas in the fedora thread 
above haven't worked, but I have little understanding of how systemd 
manages processes so I'm sort of poking in the dark) but I will post a 
followup to this thread when I do so that others might benefit as well.

bg