Date: Sat, 1 Jul 2017 00:27:09 +0200
From: Jilles Tjoelker
To: Anthony Pankov
Cc: freebsd-hackers@freebsd.org
Subject: Re: using rc.subr only by root restriction
Message-ID: <20170630222709.GA74602@stack.nl>
In-Reply-To: <1599987034.20170623182536@mail.ru>

On Fri, Jun 23, 2017 at 06:25:36PM +0300, Anthony Pankov via freebsd-hackers wrote:
> I was deploying my new system based on FreeBSD 11 and got a
> surprise. I have a specific subsystem which uses its own startup scripts tied
> to rc.subr for better integration. Those scripts can be used not
> only by system startup but also by an unprivileged user. With FreeBSD
> 11, in the case of an unprivileged user the error appears: "limits: setrlimit
> datasize: Operation not permitted"
>
> There is a thread on a forum about the issue:
> https://forums.freebsd.org/threads/58304/
>
> I've never seen a warning not to use rc.subr in regular scripts,
> so I made it this way.
>
> Maybe we can consider patching rc.subr to remove this
> restriction?
>
> P.S. This patch helps, but maybe there is a better way.
>
> --- /etc/rc.subr.old 2017-06-21 07:11:39.716210000 +0300
> +++ /etc/rc.subr 2017-06-21 07:18:21.215444000 +0300
> @@ -1072,7 +1072,9 @@
> fi
>
> # Prepend default limits
> - _doit="limits -C $_login_class $_doit"
> + if [ `id -u` -eq 0 ]; then
> + _doit="limits -C $_login_class $_doit"
> + fi
>
> # run the full command

I don't like that this starts id -u many times during startup. Perhaps you
can use the id invocation in the code block that unsets $_user if running
as that user.

By the way, that code block seems to indicate that it was definitely
supposed to work to use rc.subr without root privileges. The concern about
resource limits and other context not matching normal boot is valid,
though.

-- 
Jilles Tjoelker
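Review bot: the new `if [ `id -u` -eq 0 ]` guard forks id(1) on every pass through run_rc_command, i.e. once per rc script at boot; since rc.subr already invokes `id -u` when deciding whether to unset `$_user`, reuse that result (or cache it once in a shell variable) rather than adding a second invocation. Also, when the guard skips `limits -C $_login_class`, the service silently runs with whatever limits the unprivileged caller inherited instead of the login class's; printing a warning in that branch would make the degraded mode visible to whoever is running the script by hand.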
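A small POSIX sh sketch of the caching approach Jilles suggests, as an added example that is not code from rc.subr or from either poster: the effective uid is looked up once and stored, and the `limits -C` wrapper is only prepended for root. The names `rc_euid`, `rc_limits_prefix` and `_rc_euid` are invented for this example.

```sh
#!/bin/sh
# Added example, not from rc.subr: decide once whether the caller is root and
# only then prepend the "limits -C <class>" wrapper, because setrlimit(2)
# refuses to raise hard limits for an unprivileged user (the "Operation not
# permitted" error from the thread). Names below are invented for this example.

_rc_euid=""

# Fill _rc_euid with the effective uid, forking id(1) at most once per shell.
# Presetting _rc_euid (e.g. in a test) skips the lookup entirely.
rc_euid() {
    if [ -z "$_rc_euid" ]; then
        _rc_euid=$(id -u)
    fi
}

# Usage: rc_limits_prefix <login_class> <command> [args...]
# Prints the command line to run: wrapped in limits(1) for root, bare for
# everyone else, who then keeps the limits inherited from their own session.
rc_limits_prefix() {
    _class=$1
    shift
    rc_euid
    if [ "$_rc_euid" -eq 0 ]; then
        printf '%s\n' "limits -C $_class $*"
    else
        printf 'warning: not root, running without login class limits\n' >&2
        printf '%s\n' "$*"
    fi
}

# Demonstration: the same (made-up) service command under both identities.
_rc_euid=1000
rc_limits_prefix daemon /usr/local/sbin/mydaemon -f /etc/mydaemon.conf
_rc_euid=0
rc_limits_prefix daemon /usr/local/sbin/mydaemon -f /etc/mydaemon.conf
```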