[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

sudo and login classes

To: misc_(_at_)_openbsd_(_dot_)_org
Subject: sudo and login classes
From: Henning Brauer <lists-openbsd_(_at_)_bsws_(_dot_)_de>
Date: Fri, 5 Oct 2001 13:21:02 +0200
Mail-followup-to: misc_(_at_)_openbsd_(_dot_)_org

Hi,

imagine you run a fairly busy webserver. Thus you have created or modified a
login class (lets call it daemon) in /etc/login.conf to set openfiles and 
maxprocs to high values. you applied this login class to root. When you boot 
the machine and apache gets started everything is fine.

After mirades of uninterrupted service ;-)) you compile a new httpd binary 
and need to stop and restart apache. Nice guy you are you login as normal 
user (beeing in a login class with much stricter ressource limits - lets
call it default) and "sudo apachectl stop" + "sudo apachectl start". Voila, 
your httpd has the limits of the default login class applied, NOT the one
from daemon.

I wouldn't exactly call this behaviour errorneous. But it is unexpected. The
only solution I know is to actually login as root and issue the apachectl
commands that way.

Is this the expected behaviour?
Should it be changed (is it possible at all?)?
Comments?

Greetz

Henning

(login classes are great. I just love 'em.)

-- 
* Henning Brauer, hostmaster_(_at_)_bsws_(_dot_)_de, http://www.bsws.de    *
* BS Web Services, Roedingsmarkt 14, 20459 Hamburg, Germany *
Unix is very simple, but it takes a genius to understand the simplicity.
(Dennis Ritchie)

Prev by Date: Re: ports snapshot
Next by Date: pf question
Previous by thread: Re: ports snapshot
Next by thread: pf question
Index(es):
- Date
- Thread

Visit your host, monkey.org