Re: [linux-audio-dev] Please test the RT rlimits patch for audio

From: Jonathan Woithe <jwoithe@email-addr-hidden>
Date: Tue Jun 07 2005 - 04:24:54 EEST

> >> Your group support is not very useful, yet, because it only checks the
> >> current group.
> >
> > True, but group support wasn't really my prime objective at this point in
> > time (see below).
>
> That's what I figured. Sorry to sound overly critical. I should have
> framed my comments in a positive context.

Hey, no problem.

Spurred on by your comments and the fact I unexpectedly found myself with a
little free time overnight, I have addressed the issues with the group
support in set_rtlimits. Group and user name spaces are now treated
separately, with groupnames starting with a @ character. Furthermore, a
user's supplementary group list is now scanned for a match (they are
correctly propagated to a setuid binary, at least under Linux), making the
group support more useful for people in general. I also took the
opportunity to improve the clarity of some error messages.

Set_rtlimits 1.1.0 can be downloaded using the URL

  http://www.physics.adelaide.edu.au/~jwoithe/set_rtlimits-1.1.0.tgz

Set_rtlimits is now also linked on my homepage at

    http://www.physics.adelaide.edu.au/~jwoithe

in the "Linux things" section.

> Your program is quite useful and timely. Given the difficulty of
> patching and then configuring PAM, I expect very few users to use the
> new rlimits effectively until those changes have percolated down into
> widely-available distributions.

Indeed, and there are some which won't use PAM at all.

> My comments were intended to encourage further development of this
> useful program, not to come across as harsh and critical.

No problem - sorry if I came across as annoyed. Constructive comments and
suggestions are always welcome.

Another thing I'm pondering is adding support for setting the memlock limit
for selected binaries; this way a user doesn't have to be granted large
memlock limits in general just so they can run one or two apps which need
it. If this happens I might rename set_rtlimits to set_rlimits since this
change would make it more general than just dealing with realtime limits.
Would this be useful for people?

Best regards
  jonathan
Received on Tue Jun 7 08:15:06 2005

This archive was generated by hypermail 2.1.8 : Tue Jun 07 2005 - 08:15:07 EEST