On Wed, Apr 27, 2005 at 08:13:21AM +1000, Luke Yelavich wrote:
Some distros, like Slackware do not use pam. How could
this patch still
be used?
I've written a small setuid utility which gives access to the new resource
limits on an otherwise unpatched system (so long as a kernel with the new
resource limits is running, of course). It should work regardless of
whether PAM is installed, but my main motivation in writing it was to allow
me to access the new functionality under Slackware 10.x (with a 2.6 kernel).
Grab the tarball from
http://www.physics.adelaide.edu.au/~jwoithe/set_rtlimits-1.0.0.tgz
Sorry, no homepage yet. Read the enclosed README and manpage for full
details. In short, a simple text file /etc/set_rtlimits.conf is used to
configure which users (or groups) can run which programs with elevated
realtime/nice priorities. The maximum priorities requestable is limited on
a user+program basis, so a single user or group can have different
maximum priorities for different programs if this is desired.
Once set up, using it is as simple as inserting set_rtlimits in front of
the program you wish to run (and its parameters). For example:
set_rtlimits -r=100 /usr/local/bin/muse -a
will run muse with the dummyaudio driver with a maximum realtime priority
resource limit of 100. Note the full path to the program to execute is
required so ordinary users can't just substitute their own binaries of
the same name as "allowed" programs.
It might not be the most secure program written (although I've tried to
avoid gaping holes), but it gets the job done for me.
Regards
jonathan