Fuel for OpenStack

  1. Bug #1429553
  2. Comment #32

Comment 32 for bug 1429553

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to fuel-library (stable/8.0)

Reviewed: https://review.openstack.org/275579
Committed: https://git.openstack.org/cgit/openstack/fuel-library/commit/?id=464f57d51dd165f40a57121790e29df3f9616fc2
Submitter: Jenkins
Branch: stable/8.0

commit 464f57d51dd165f40a57121790e29df3f9616fc2
Author: Dmitry Bilunov <email address hidden>
Date: Thu Jan 21 12:07:59 2016 +0300

    Apply PAM security limits by running daemons through su

    Daemons launched from OCF scripts inherit default resource limits. It
    could confuse users and cause resource allocation fail under heavy load.

    We should run daemons requiring root privileges through su - root -c, so
    limits from limits.conf would be enforced. To make it easier to
    implement, a new wrapper "ocf_run_as_root" is implemented in
    ocf-fuel-funcs.

    Change-Id: Iea56e4d08a2c1f92500129210d79e4b1fe04e3fd
    Closes-Bug: #1429553
    (cherry picked from commit 65eca547606edceedc15d8fadfd1e5822ba9f1f6)