From owner-svn-src-head@freebsd.org Sat Jun 18 22:06:51 2016 Return-Path: Delivered-To: svn-src-head@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 2103DA79057; Sat, 18 Jun 2016 22:06:51 +0000 (UTC) (envelope-from zeising@freebsd.org) Received: from mail.daemonic.se (cloud.daemonic.se [185.34.0.151]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D8B8E1F68; Sat, 18 Jun 2016 22:06:50 +0000 (UTC) (envelope-from zeising@freebsd.org) Received: from cloud.daemonic.se (localhost [IPv6:::1]) by mail.daemonic.se (Postfix) with ESMTP id 3rXB6T6tlqz27LY; Sat, 18 Jun 2016 22:06:41 +0000 (UTC) X-Virus-Scanned: amavisd-new at daemonic.se Received: from mail.daemonic.se ([127.0.0.1]) (using TLS with cipher ECDHE-RSA-AES128-GCM-SHA256) by cloud.daemonic.se (mailscanner.daemonic.se [127.0.0.1]) (amavisd-new, port 10587) with ESMTPS id OnrL_A8Amv67; Sat, 18 Jun 2016 22:06:41 +0000 (UTC) Received: from tifa.daemonic.se (tifa.daemonic.se [IPv6:2001:470:dca9:2::5]) by mail.daemonic.se (Postfix) with ESMTPSA id 3rXB6T1R5Xz27C0; Sat, 18 Jun 2016 22:06:40 +0000 (UTC) Subject: Re: svn commit: r288291 - head/etc To: Adrian Chadd , src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org References: <201509270403.t8R43B5Z062241@repo.freebsd.org> From: Niclas Zeising Message-ID: <2171b966-35c7-2dad-2c0f-f23061cb677a@freebsd.org> Date: Sun, 19 Jun 2016 00:06:32 +0200 User-Agent: Mutt/1.5.21 MIME-Version: 1.0 In-Reply-To: <201509270403.t8R43B5Z062241@repo.freebsd.org> Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 18 Jun 2016 22:06:51 -0000 On 09/27/15 06:03, Adrian Chadd wrote: > Author: adrian > Date: Sun Sep 27 04:03:11 2015 > New Revision: 288291 > URL: https://svnweb.freebsd.org/changeset/base/288291 > > Log: > Enforce consistent limits of daemons run from rc.subr: > > * Allow the user to configure the login class to use in rc.conf > by using {daemon}_login_class, which; > * Use the daemon class by default; > * .. and then use 'limits' to set the login class so it works both > via init at startup (which runs this in 'daemon' class) and via > whichever root environment (eg command line, other daemons, etc.) > > Reviewed by: dteske > Differential Revision: https://reviews.freebsd.org/D3630 > > Modified: > head/etc/rc.subr > > Modified: head/etc/rc.subr > ============================================================================== > --- head/etc/rc.subr Sun Sep 27 03:46:55 2015 (r288290) > +++ head/etc/rc.subr Sun Sep 27 04:03:11 2015 (r288291) > @@ -768,6 +768,8 @@ check_startmsgs() > # > # ${name}_prepend n Command added before ${command}. > # > +# ${name}_login_class n Login class to use, else "daemon". > +# > # ${rc_arg}_cmd n If set, use this as the method when invoked; > # Otherwise, use default command (see below) > # > @@ -942,7 +944,7 @@ run_rc_command() > _nice=\$${name}_nice _user=\$${name}_user \ > _group=\$${name}_group _groups=\$${name}_groups \ > _fib=\$${name}_fib _env=\$${name}_env \ > - _prepend=\$${name}_prepend > + _prepend=\$${name}_prepend _login_class=\${${name}_login_class:-daemon} > > if [ -n "$_user" ]; then # unset $_user if running as that user > if [ "$_user" = "$(eval $IDCMD)" ]; then > @@ -1050,6 +1052,9 @@ $command $rc_flags $command_args" > fi > fi > > + # Prepend default limits > + _doit="limits -C $_login_class $_doit" ^^^^^^^^^^ > + > # run the full command > # > if ! _run_rc_doit "$_doit"; then Apologies for waking so late. This breaks the start of scripts running before file systems are mounted, for example /etc/rc.d/ddb, if / and /usr are on separate partitions. The issue is that limits is /usr/bin/limits, and for obvious reasons can't be found before /usr is mounted. I suggest either move /usr/bin/limits to /bin/limits or avoid using it altogether. Do you want me to open a PR to track this issue? Regards! -- Niclas Zeising