解决unknown limit item ‘noproc’

这段时间为了对付攻击,看了几天的日志,发现每次看/var/log/secure这个日志的时候,都比上次增加了很多,除了被攻击出现的尝试登陆SSH外,还有一些东西

Apr 27 20:01:06 www crond[9449]: pam_limits(crond:session): unknown limit item ‘noproc’
Apr 27 20:01:06 www crond[9449]: pam_limits(crond:session): unknown limit item ‘noproc’
Apr 27 21:01:03 www crond[9541]: pam_limits(crond:session): unknown limit item ‘noproc’
Apr 27 21:01:03 www crond[9541]: pam_limits(crond:session): unknown limit item ‘noproc’
Apr 27 21:04:04 www sshd[9562]: pam_limits(sshd:session): unknown limit item ‘noproc’
Apr 27 21:04:04 www sshd[9562]: pam_limits(sshd:session): unknown limit item ‘noproc’
就是上边这些东西,占据了日志的大部内容,几乎1分钟就出一堆。”unknown limit item ‘noproc’”意思是未知的限制单位,看样子是关于limit session的,就是限制对话数的最大上限。查了一下资料,这东西归/etc/security/limits.conf这个配置文件管的,打开看了一下,里面有配置说明

# can be one of the following:\r\n
# – core – limits the core file size (KB)\r\n
# – data – max data size (KB)\r\n
# – fsize – maximum filesize (KB)\r\n
# – memlock – max locked-in-memory address space (KB)\r\n
# – nofile – max number of open files\r\n
# – rss – max resident set size (KB)\r\n
# – stack – max stack size (KB)\r\n
# – cpu – max CPU time (MIN)\r\n
# – nproc – max number of processes\r\n
# – as – address space limit (KB)\r\n
# – maxlogins – max number of logins for this user\r\n
# – maxsyslogins – max number of logins on the system\r\n
# – priority – the priority to run user process with\r\n
# – locks – max number of file locks the user can hold\r\n
# – sigpending – max number of pending signals\r\n
# – msgqueue – max memory used by POSIX message queues (bytes)\r\n
# – nice – max nice priority allowed to raise to values: [-20, 19]\r\n
# – rtprio – max realtime priority
看到高亮的部分没,是不是和我们的出错的信息”noproc“这东西很像,应该它就是罪魁祸首了。再往下看这个配置文件

# End of file\r\n
* soft noproc 65535
* hard noproc 65535
* soft nofile 65535
* hard nofile 65535

不用我说,你也知道是什么原因了吧,应该把noproc改成nproc,意思就是最大的进程数(对话数)。

按理说原来肯定是没有错的,可能是LNMP一键按装包里有错误,希望作者可以把这个错误修正了,不然广大使用者都不知道错在什么地方。

转自http://www.noisyguy.com/archives/214.html

0 Comments
Leave a Reply

Time limit is exhausted. Please reload the CAPTCHA.