Skip to content

Commit

Permalink
add configuration variables for pam_limits
Browse files Browse the repository at this point in the history
  • Loading branch information
@bartowl @Rendanic
bartowl authored and Rendanic committed Jan 29, 2023
1 parent 646c1ae commit de0d972
Show file tree
Hide file tree
Showing 3 changed files with 7 additions and 1 deletion.
2 changes: 2 additions & 0 deletions changelogs/fragments/pam_limits_config.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
minor_changes:
- add configuration variables for pam_limits to orahost (oravirt#317)
3 changes: 3 additions & 0 deletions roles/orahost/defaults/main.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -119,6 +119,9 @@ configure_ssh: false # (true/false). Should passwordless
# mountpoints are described in host_fs_layout
configure_host_disks: false

configure_limits_pam: true # entry in /etc/pam.d/limits
configure_limits: true # /etc/security.d/limits.d/99-oracle-limits.conf file

configure_etc_hosts: false
configure_cluster: false
oracle_stage: /u01/stage
Expand Down
3 changes: 2 additions & 1 deletion roles/orahost/tasks/main.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -463,14 +463,15 @@
state: present
line: "session required pam_limits.so"
tags: pamconfig
when: configure_limits_pam and configure_limits

- name: Oracle-recommended security limits
ansible.builtin.template:
src: oracle-seclimits.conf.j2
dest: /etc/security/limits.d/99-oracle-limits.conf
backup: true
mode: "0644"
when: ansible_os_family == 'RedHat'
when: configure_limits and ansible_os_family == 'RedHat'
tags: seclimit

- name: Oracle-recommended security limits on SLES
Expand Down

0 comments on commit de0d972

Please sign in to comment.