using rc.subr only by root restriction

Adrian Chadd adrian.chadd at gmail.com
Sat Jun 24 17:43:27 UTC 2017


hi,

this was my fault. :)

There are some limits that you can set as a user.

I think this is a fine change; but I can't speak for the correctness
of using rc.subr as a general library set for your own purposes. :0


-a


On 23 June 2017 at 08:25, Anthony Pankov via freebsd-hackers
<freebsd-hackers at freebsd.org> wrote:
> Greetings
>
> I  was  deploying  my  new  system  based  on  FreeBSD 11 and got ф
> surprise.
> I have specific subsystem which use own startup scripts tied to rc.subr
> for better integration. Those  scripts  can  be  used  not  only  by system startup but also by
> unpriveleged user.
> With  FreeBSD  11 in case of unpriveleged user the error appear:  "limits:
> setrlimit datasize: Operation not permitted"
>
> There is a thread on a forum about the issue: https://forums.freebsd.org/threads/58304/
>
> I've  never  seen a warning  to do not use rc.subr in regular scripts so I
> made it this way.
>
> May    be    we   can  consider  to  patch  rc.subr  and  remove  this
> restriction?
>
>
>
> P.S. This patch helps, but may be there is a better way.
> --- /etc/rc.subr.old    2017-06-21 07:11:39.716210000 +0300
> +++ /etc/rc.subr        2017-06-21 07:18:21.215444000 +0300
> @@ -1072,7 +1072,9 @@
>                         fi
>
>                                         # Prepend default limits
> -                       _doit="limits -C $_login_class $_doit"
> +                       if [ `id -u` -eq 0 ]; then
> +                               _doit="limits -C $_login_class $_doit"
> +                       fi
>
>                                         # run the full command
>                                         #
>
>
> --
>
>  Anthony Pankov                          mailto:ap00 at mail.ru
>
> _______________________________________________
> freebsd-hackers at freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-hackers
> To unsubscribe, send any mail to "freebsd-hackers-unsubscribe at freebsd.org"


More information about the freebsd-hackers mailing list