There shouldn't even be a need to test the uid. The setrlimit call should
be made and a getrlimit call can be made to test if it was successful.
Non-root users can also raise their soft limits up to their hard limit.
Dean
On Wed, 25 Jun 1997, George Carrette wrote:
>
> >Number: 783
> >Category: config
> >Synopsis: RLimitMEM, RLimitCPU, hard limit ignored when userid is not 0
> >Confidential: no
> >Severity: non-critical
> >Priority: medium
> >Responsible: apache (Apache HTTP Project)
> >State: open
> >Class: sw-bug
> >Submitter-Id: apache
> >Arrival-Date: Wed Jun 25 05:50:01 1997
> >Originator: [EMAIL PROTECTED]
> >Organization:
> apache
> >Release: 1.2
> >Environment:
> Apache 1.2 as released.
> SunOS sandnews 5.5 Generic sun4m sparc SUNW,SPARCstation-20
> gcc version 2.7.2.1
>
> >Description:
> If you are not running with userid 0 then a config option like this:
> RLimitCPU 10 20
> will give an error message:
> Must be uid 0 to raise maximum
>
> The logic used to generate that message is in error, because I am only trying
> to lower the hard cpu limit to 20, not raise it. Non-root users are allowed
> to do that.
>
> >How-To-Repeat:
> Just use RLimitCPU 10 20 with httpd started non-root.
> >Fix:
> Yes, here is the fix to the procedure set_rlimit in the file http_core.c
> which I have applied at my site.
>
> /* if we aren't running as root, cannot increase max */
> if (geteuid()) {
> limit->rlim_cur = cur;
> if (max && limit->rlim_max && (max > limit->rlim_max))
> log_printf(cmd->server, "Must be uid 0 to raise maximum %s",
> cmd->cmd->name);
> else if (max)
> limit->rlim_max = max;
> }
> else {
> if (cur)
> limit->rlim_cur = cur;
> if (max)
> limit->rlim_max = max;
> }
>
> %0
> >Audit-Trail:
> >Unformatted:
>
>
>
