using rc.subr only by root restriction
Adrian Chadd
adrian.chadd at gmail.com
Sat Jun 24 17:43:27 UTC 2017
hi,
this was my fault. :)
There are some limits that you can set as a user.
I think this is a fine change; but I can't speak for the correctness
of using rc.subr as a general library set for your own purposes. :0
-a
On 23 June 2017 at 08:25, Anthony Pankov via freebsd-hackers
<freebsd-hackers at freebsd.org> wrote:
> Greetings
>
> I was deploying my new system based on FreeBSD 11 and got ф
> surprise.
> I have specific subsystem which use own startup scripts tied to rc.subr
> for better integration. Those scripts can be used not only by system startup but also by
> unpriveleged user.
> With FreeBSD 11 in case of unpriveleged user the error appear: "limits:
> setrlimit datasize: Operation not permitted"
>
> There is a thread on a forum about the issue: https://forums.freebsd.org/threads/58304/
>
> I've never seen a warning to do not use rc.subr in regular scripts so I
> made it this way.
>
> May be we can consider to patch rc.subr and remove this
> restriction?
>
>
>
> P.S. This patch helps, but may be there is a better way.
> --- /etc/rc.subr.old 2017-06-21 07:11:39.716210000 +0300
> +++ /etc/rc.subr 2017-06-21 07:18:21.215444000 +0300
> @@ -1072,7 +1072,9 @@
> fi
>
> # Prepend default limits
> - _doit="limits -C $_login_class $_doit"
> + if [ `id -u` -eq 0 ]; then
> + _doit="limits -C $_login_class $_doit"
> + fi
>
> # run the full command
> #
>
>
> --
>
> Anthony Pankov mailto:ap00 at mail.ru
>
> _______________________________________________
> freebsd-hackers at freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-hackers
> To unsubscribe, send any mail to "freebsd-hackers-unsubscribe at freebsd.org"
More information about the freebsd-hackers
mailing list