From bad57613669e1f02995fc86e3e28c421aa26fd6e Mon Sep 17 00:00:00 2001
From: Andrea Dell'Amico <adellam@isti.cnr.it>
Date: Thu, 14 Feb 2019 15:20:25 +0100
Subject: [PATCH] Manage the users limits in a single place.

---
 ubuntu-deb-general/tasks/manage_su_limits.yml | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/ubuntu-deb-general/tasks/manage_su_limits.yml b/ubuntu-deb-general/tasks/manage_su_limits.yml
index 73652c22..3d9ce48e 100644
--- a/ubuntu-deb-general/tasks/manage_su_limits.yml
+++ b/ubuntu-deb-general/tasks/manage_su_limits.yml
@@ -3,8 +3,13 @@
   lineinfile: dest=/etc/pam.d/su line="session required pam_limits.so" insertafter="^#\ \(Replaces\ the\ use\ of\ /etc/limits.*$"
   tags: [ 'su', 'pam_limits']
 
-- name: Change the default security limits
-  pam_limits: domain={{ item.domain }} limit_type={{ item.type }} limit_item={{ item.l_item }} value={{ item.value }}
-  with_items: '{{ default_security_limits }}'
+- name: Change the root user security limits
+  pam_limits: domain=root limit_type={{ item.type }} limit_item={{ item.l_item }} value={{ item.value }}
+  with_items: '{{ root_security_limits }}'
+  tags: [ 'su', 'pam_limits']
+
+- name: Change other users security limits
+  pam_limits: domain={{ item.domain }} limit_type={{ item.type }} limit_item={{ item.l_item }} value={{ item.value }}
+  with_items: '{{ users_security_limits }}'
   tags: [ 'su', 'pam_limits']