Ricardo Wurmus <rek...@elephly.net> skribis: > The attached patch tries to add an entry for pam_limits.so, but I have > no idea if this actually works or if this is the way it should be done. > As far as I can tell we only need the pam_limits.so entry for > “/etc/pam.d/login”, but I could not find where this file is generated.
It is generated based on the ‘pam-services’ field of the service returned by ‘mingetty-service’. Maybe it would be best to adjust just that part? > Also, I wonder how users are supposed to edit /etc/security/limits.conf > at all. I suppose they are not to edit anything in /etc anyway. > pam_limits.so also reads *.conf files in “/etc/security/limits.d/” and > maybe it would make sense for packages to provide a > “$out/etc/security/limits.d/$name.conf” file with settings. For > example, the “jack” packages could then provide > “$out/etc/security/limits.d/realtime.conf”, which contains the > following: > > @realtime - rtprio 99 > @realtime - memlock unlimited > > (See http://www.jackaudio.org/faq/linux_rt_config.html) Is this PREFIX/etc/security/limits.d convention already used? If not, I’d rather avoid inventing it. ;-) What we could do is add a field in ‘operating-system’ to specify the limits.conf file to install as /etc/security/limits.conf? It would be even better to create Scheme data types that mirror the settings of a limits.conf file (similar to what is done for PAM settings), and have users fiddle with that rather than with a plain text file. > A user in the “realtime” group could then finally use JACK in realtime > mode. > > What is the best way to make this work? (I really want to run JACK in > realtime mode.) (In the meantime I think your patch plus manual fiddling of /etc/security/limits.conf does the job.) Ludo’.
