Apply PAM security limits by running daemons through su
Daemons launched from OCF scripts inherit default resource limits. It
could confuse users and cause resource allocation fail under heavy load.
We should run daemons requiring root privileges through su - root -c, so
limits from limits.conf would be enforced. To make it easier to
implement, a new wrapper "ocf_run_as_root" is implemented in
ocf-fuel-funcs.
Reviewed: https:/ /review. openstack. org/270675 /git.openstack. org/cgit/ openstack/ fuel-library/ commit/ ?id=478fef32ceb 706da22aff84ec2 8f54d03273c07e
Committed: https:/
Submitter: Jenkins
Branch: master
commit 478fef32ceb706d a22aff84ec28f54 d03273c07e
Author: Dmitry Bilunov <email address hidden>
Date: Thu Jan 21 12:07:59 2016 +0300
Apply PAM security limits by running daemons through su
Daemons launched from OCF scripts inherit default resource limits. It
could confuse users and cause resource allocation fail under heavy load.
We should run daemons requiring root privileges through su - root -c, so
limits from limits.conf would be enforced. To make it easier to
implement, a new wrapper "ocf_run_as_root" is implemented in
ocf-fuel-funcs.
Change-Id: I4b0e0cd0ebca90 13adbd69830ea79 772014d6cf1
Closes-Bug: #1429553