[sudo-users] "nice sudo foo": "foo" does not inherits niceness
Todd C. Miller
Todd.Miller at courtesan.com
Mon Aug 18 12:40:24 EDT 2008
In message <2753bafa0808180819v50e5bd19w62800a63ee3b553b at mail.gmail.com>
so spake thomas (thomas.bsd):
> Hi list, here is my question:
>
> $ (nice sudo sleep 5 &); ps -al | egrep '(^F|sleep)'
> F S UID PID PPID C PRI NI ADDR SZ WCHAN TTY TIME CMD
> 4 S 0 15823 1 0 80 0 - 754 - pts/5 00:00:00 sleep
>
> Why doesn't "sleep" have a niceness of 10?
>
> Of course I do not want to add "nice" to /etc/sudoers and run "sudo
> nice foo", that would be quite insecure :-/
The pam_limits.so PAM module (see /etc/security/limits.conf) is
resetting the nice value to zero. You can remove pam_limits.so
from /etc/pam.d/sudo but that will prevent the resource limits from
being set based on the target user.
- todd
More information about the sudo-users
mailing list