-
Notifications
You must be signed in to change notification settings - Fork 48
Secure Memory Limitations
When loading and/or importing a certain number of tokens (~20 or more, depending on the current memlock limit), the program could crash if enough secure memory can't be locked (see issues#126).
In that particular case, in order to import 150 tokens, 1024
had to be set as memlock value (even though a value between 512
and 768
may have worked too).
If you execute the program from the terminal, you should see something similar to the following:
[WARNING] your OS's memlock limit may be too low for you (65536 bytes). Please have a look at https://github.com/paolostivanin/OTPClient#limitations
Error while loading json data:
Couldn't allocate secure memory
If the same should happen also to you, please before opening an issue here on GitHub try to increase the memlock value by following the steps written below.
On Ubuntu 16.04, openSUSE Leap 15 and probably other distros, the memlock
default value is very low (64 KB
, you can check that from the terminal using ulimit -l
).
This may lead to crashes even with few tokens (~20), so it's highly recommended to increase that value to a more sane number. To do that, please follow these steps:
- if
pam_limits
is not already there (grep -rni pam_limits /etc/pam.d/
) append to the file/etc/pam.d/common-session
the following text:
session required pam_limits.so
- create a file called, for example,
/etc/security/limits.d/memlock.conf
and add the following text:
<your_username> soft memlock unlimited
<your_username> hard memlock unlimited
where <your_username>
is the username you use to login. You can get that string, for example, by executing whoami
from the terminal.
Reboot the system and now ulimit -l
should show you unlimited
or whatever other value you have chosen.