different ulimits when 'pbrun' to user


 
Thread Tools Search this Thread
Operating Systems AIX different ulimits when 'pbrun' to user
# 1  
Old 05-25-2009
different ulimits when 'pbrun' to user

Hi,

we run an application called powerbroker that is providing a secured and logged access to functional IDs like root or oracle.
Generally the functionality should not differ from a normal su - but I am right now experiencing some behaviour I cannot explain: when 2 different users are switching to the same functional ID, the ulimits seem to be different ... even though /etc/security/limits has the correct ulimits for this functional ID.
Does anybody know where else the wrong values could come from ?

Thanks and regards
zxmaus
# 2  
Old 05-27-2009
What happens if you use the ID of the user and su - to that functional ID and check the limits? If this works, I guess, the software is not working correct or missing some kind of configuration parameter?
I just checked the website of powerbroker out of interest but their support seems not to be accessed easily.
# 3  
Old 05-27-2009
Hi zaxxon,

uid and gid shown are exactly the same for the user with correct and for the user with incorrct ulimits ... that's what confuses me so much.
Even when I do a normal su to the fid the ulimits seem correct. It's only when users from a particular hostgroup do the pbrun the ulimits seem to be wrong - on this particular machine - on other machines its correct. That's why I believe the reason is on the box somewhere, not in the appliction.
Maybe I just have to live with it Smilie

Kind regards
zxmaus
# 4  
Old 05-27-2009
limits work for user name and not for user id

check /etc/security/limits

example:

Code:
/etc/passwd: 
root:!:0:0::/:/usr/bin/ksh
blubb:!:0:0::/:/usr/bin/ksh

Code:
/etc/secuirty/limits
root:
        fsize = -1
        fsize_hard = -1
        stack_hard = -1
        rss = -1

blubb:
        fsize = 10000
        fsize_hard = 10000
        stack_hard = -1
        rss = -1

>su - root
>ulimit -a
time(seconds)        unlimited
file(blocks)         unlimited
data(kbytes)         131072
stack(kbytes)        32768
memory(kbytes)       unlimited
coredump(blocks)     2097151
nofiles(descriptors) 2000

>su - blubb
>ulimit -a
time(seconds)        unlimited
file(blocks)         10000
data(kbytes)         131072
stack(kbytes)        32768
memory(kbytes)       unlimited
coredump(blocks)     2097151
nofiles(descriptors) 2000

# 5  
Old 07-31-2009
funksen,
thanks - I knew that and the ulimits were correct set in the system. I still don't know what really went wrong but since I rebooted the system, the ulimits are fine and in sync now. I assume some running process kept the older (wrong) limits though I initially thought a re-login of the user should refresh these ulimits ... apparently I was wrong Smilie
Kind regards
zxmaus
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Automating pbrun /bin/su not working, whenever manually it is working using putty

I am trying to automate a script where I need to use pbrun /bin/su but for some reason it is not passing thru the pbrun as my code below. . ~/.bash_profile pbrun /bin/su - content c h 1 hpsvn up file path I am executing this from an external .sh file that is pointing to this scripts file... (14 Replies)
Discussion started by: jorgejac
14 Replies

2. Shell Programming and Scripting

Sending values to autoprompt of pbrun

Hi I am writing a shell scrpt to call pbrun to change user like below pbrun su-otheruser but in solaris by default there ia autoprompt after using pbrun su which asks the following which is mandatory to enter the reason, Reason for ID change: Is there a way to send the value form... (3 Replies)
Discussion started by: prady184u
3 Replies

3. Shell Programming and Scripting

need help with pbrun su in shell script

Hello , I am logging in linux with my userName and using the pbrun su appName for changing permissions of files (owner of the files is appName). Now I am trying to do same within shell script but failing . Here is my code . #Function to change permission of a file fun_chmod(){ ... (0 Replies)
Discussion started by: RaviTej
0 Replies

4. Shell Programming and Scripting

How to automate pbrun login through script?

Hi All, I need information regarding how to automate the pbrun process in script in Linux. Example sample script below, #!bin/sh /usr/xyz/pbrun testusr -password testpwd testusr is username for pbrun and testpwd is password for pbrun. Im not sure if it is correct way to invoke pbrun in... (2 Replies)
Discussion started by: Pravs4info
2 Replies

5. Solaris

what is the difference between sudo and pbrun?

what is the difference between sudo and pbrun? i have seen people executing pbrun sudo su - what this means?? i know su - will try to switch to root user. what speciality pbrun gives to sudo when it is used along with sudo command? (2 Replies)
Discussion started by: chidori
2 Replies

6. Shell Programming and Scripting

pbrun ssh -l servername

Hi, Can you plz help me in the below command! what is the pbrun command does with ssh pbrun ssh -l servername (0 Replies)
Discussion started by: lnviyyapu
0 Replies

7. Shell Programming and Scripting

Exit from Shell Prompt after Pbrun

I have a ksh script, which pbruns into another account. I want to pbrun run into that account, and continue running all the engine commands(i.e setroot, setsite xxx, etc) in my script. But instead, it pbruns into the account, and just gives me a shell prompt.. and stops there. Only once i... (2 Replies)
Discussion started by: alamurus
2 Replies

8. UNIX for Advanced & Expert Users

Determining if user is local-user in /etc/passwd or LDAP user

Besides doing some shell-script which loops through /etc/passwd, I was wondering if there was some command that would tell me, like an enhanced version of getent. The Operating system is Solaris 10 (recent-ish revision) using Sun DS for LDAP. (5 Replies)
Discussion started by: ckmehta
5 Replies

9. Shell Programming and Scripting

Pbrun command problem

Hi, I want to automate pbrun command in one of my project but the problem is when i am running pbrun command then it is asking for some input as identification no.I redirect that number through a file but it's not working. I didn't got any option for that to pass it as command line.Is there... (5 Replies)
Discussion started by: saurabhjigr8
5 Replies

10. AIX

ulimits max locked memory virtual memory

Hi, Would any one be so kind to explain me : are ulimits defined for each user seperately ? When ? Specialy what is the impact of : max locked memory and virtual memory on performance of applications for a user. Many thanks. PS : this is what I can see in MAN : ulimit ] ... (5 Replies)
Discussion started by: big123456
5 Replies
Login or Register to Ask a Question