[Pkg-shadow-devel] Add enforce limits to su.

Justin Bronder jsbronder at gmail.com
Fri Oct 12 21:56:54 UTC 2007

On 12/10/07 23:36 +0200, Nicolas François wrote:
> Hi Justin,
> On Fri, Oct 12, 2007 at 03:11:59PM -0400, jsbronder at gmail.com wrote:
> > First, let me extend my thanks to all of you for taking over upstream
> > development.  Now I actually know who to email!
> > 
> > Attached is a patch that adds a new command line option to su.  From the man
> > page:
> > 
> > -L, --enforce-limits
> >   Enforce the limits in /etc/limits.
> >   If PAM was enabled at compile time, this option has no effect.
> > 
> > Currently when su'ing from root to another user, setup_limits() is never
> > called.  Typically this is probably not a huge problem, but when you're
> > su'ing to a user that has an increased real-time priority, it's nice to not
> > have to call ulimit first.
> Thanks for the patch.
> Would it be OK to just enforce the limits from /etc/limits when the -, -l,
> or --login options are specified and to keep the current behavior when no
> options or when the -p, -m, or --preserve-environment.

I'm ok with that, I didn't want to change the current behavior in case anyone
is relying upon it, but it makes more sense to me that the 'login' type
options should respect set limits.  This is just my opinion of course.

> PS: I'm not forgetting http://bugs.debian.org/442334

Great, I appreciate it.

Thanks again,

Justin Bronder
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-shadow-devel/attachments/20071012/5cd8065e/attachment.pgp 

More information about the Pkg-shadow-devel mailing list