[Novalug] Can somebody verify ulimit behavior from su?

Brander Snaxe brandon20va@yahoo.com
Wed Jul 6 00:09:20 EDT 2011


Hello,

I'm configuring a commercial software package on a CentOS server. The ulimits for the shell must be changed for this package to work. I want to run the package as a non-root user. The package comes with a startup script. The startup script calls su in order to run the service as a different user. If I modify the startup script (which is init.d, btw) to set the ulimits, will these limits apply to the command executed by 'su' in the script when it hands the process over to the non-root user?

I tried manually by creating a shell script that does a "whoami;ulimit -a". Then as root, I change a ulimit in the shell. I then do an "su user -c testulimit.sh" and it does indeed output the ulimit from the parent shell. 

I know I can also set ulimits in /etc/security/limits.conf, but somebody may (for whatever reason) want to run the service as root. I don't want to change root's ulimits globally just for this one package's requirements. It seems less invasive to have the startup script do all the setup first.

Can anybody point out any issues with this? Can I assume this is working correctly? I read the ulimit man page and also Googled and didn't find anything.


Thanks,
  Brandon
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.firemountain.net/pipermail/novalug/attachments/20110705/039717ef/attachment.htm>


More information about the Novalug mailing list