Jonathan Woithe <jwoithe(a)physics.adelaide.edu.au> writes:
Sorry, no homepage yet. Read the enclosed README and
manpage for full
details. In short, a simple text file /etc/set_rtlimits.conf is used to
configure which users (or groups) can run which programs with elevated
realtime/nice priorities. The maximum priorities requestable is limited on
a user+program basis, so a single user or group can have different
maximum priorities for different programs if this is desired.
Your group support is not very useful, yet, because it only checks the
current group. It would help a lot to also check supplementary group
membership, see: `man getgroups(2)'. That way people who add
themselves to some group like `audio' (for example) can gain realtime
privileges as a side-effect. (There may be a problem with this: I am
not certain that supplementary groups are inherited correctly by
setuid programs.)
Also, the group namespace is separate from the user namespace, so the
config file needs some way to tell group `joq' apart from user `joq'.
I believe PAM uses the `@group' notation to distinguish the two (not
that PAM is a very good example of anything).
--
joq