Still getting the WARNING message about low memlock limit despite having configured it according to the documentation

[giraudan]

Hello,

After implementing the modifications specified here and rebooting, I'm still getting this warning at startup:

[WARNING] your OS's memlock limit may be too low for you (current value: 16777216 bytes).
This may cause issues when importing third parties databases or dealing with tens of tokens.
For information on how to increase the memlock value, please have a look at https://github.com/paolostivanin/OTPClient/wiki/Secure-Memory-Limitations
couldn't lock 16384 bytes of memory (dh): Cannot allocate memory
Couldn't find the password in the secret service.

• I have pam_limits defined in multiple config files under /etc/pam.d:

$ grep -rni pam_limits /etc/pam.d/
/etc/pam.d/system-services:8:session   required    pam_limits.so
/etc/pam.d/system-auth:25:session    required                    pam_limits.so
/etc/pam.d/tigervnc:5:session    required     pam_limits.so

• I permanently modified the memlock limits for all users:

$ grep memlock /etc/security/limits.conf
* soft memlock 16384
* hard memlock 16384

• I checked, after rebooting, that ulimit -l returns the correct value:

$ ulimit -l
16384

Additional info:

• I'm using otpclient v3.2.1.
• I'm using an up-to-date archlinux

Am I doing something wrong?

[paolostivanin]

Hello, it's showing the warning because with the latest release I've increase the minimum amount of suggested secure memory. You should use unlimited instead of 16384. I've updated the Wiki accordingly.

[giraudan]

Thanks!

May I suggest to specify the username instead of * in /etc/security/limits.d/memlock.conf?

[paolostivanin]

good idea!