Fuel for OpenStack

  1. Bug #1429553
  2. Comment #25

Comment 25 for bug 1429553

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to fuel-library (master)

Reviewed: https://review.openstack.org/270675
Committed: https://git.openstack.org/cgit/openstack/fuel-library/commit/?id=478fef32ceb706da22aff84ec28f54d03273c07e
Submitter: Jenkins
Branch: master

commit 478fef32ceb706da22aff84ec28f54d03273c07e
Author: Dmitry Bilunov <email address hidden>
Date: Thu Jan 21 12:07:59 2016 +0300

    Apply PAM security limits by running daemons through su

    Daemons launched from OCF scripts inherit default resource limits. It
    could confuse users and cause resource allocation fail under heavy load.

    We should run daemons requiring root privileges through su - root -c, so
    limits from limits.conf would be enforced. To make it easier to
    implement, a new wrapper "ocf_run_as_root" is implemented in
    ocf-fuel-funcs.

    Change-Id: I4b0e0cd0ebca9013adbd69830ea79772014d6cf1
    Closes-Bug: #1429553