[linux-audio-dev] ANN: set_rtlimits for PAM-less systems and perhaps others
jwoithe at physics.adelaide.edu.au
Mon May 30 00:07:43 UTC 2005
With the recent adoption of the realtime rlimits patch into the mainline
kernel, people have needed a way of utilising this for their music software.
There is apparently a PAM module out there which can be used if one's system
uses PAM, but for people on Slackware (which doesn't use PAM) - and perhaps
other distributions as well - this is not an available option.
set_rtlimits is a small program I hacked up over the weekend to allow
controlled non-priviledged access to realtime scheduling through the new
RTPRIO resource limit. set_rtlimits needs to be setuid root but it only
runs at elevated priviledges when setting the resource limits. Furthermore,
the users who are permitted to use set_rtlimits are controlled through a
hardcoded central configuration file (/etc/set_rtlimits.conf), as are the
programs those users can run via set_rtlimits and the maximum realtime and
nice priorities the users can request for each program. Programs must be
specified using absolute paths, so a malicious user can't just run their own
ardour binary, for example.
There is no homepage for this yet; simply grab the source from
Documentation is by way of the included README and manpage.
Note that this is not polished software. It's not autoconf-ised, although
hopefully it won't require too much tweaking to compile on a variety of
systems. It probably isn't written in a very portable way, and although it
poses no security issues to the best of my knowledge (beyond the usual
issues with setuid root programs and realtime priorities) it has not been
extensively audited. Having said that it gets the job done for me and might
be useful for others. My time is limited at present which is why the rough
Development was done under Slackware 10.0 running kernel 2.6.12-rc5. Using
this program I have successfully run Ardour 0.9beta29 and muse 0.7.2pre1
with Jack 0.99.73 under 2.6.12-rc5 for short periods.
Bug reports, improvements, suggestions and patches are welcome; send to the
email address included in the tarball documentation.
More information about the Linux-audio-dev