[sudo-users] "nice sudo foo": "foo" does not inherits niceness
Battersby-Cornmell, Robin Alasdair
Robin.Battersby-Cornmell at uisl.unisys.com
Tue Aug 19 05:13:22 EDT 2008
I would suggest that the nice command is acting on the execution of
sudo, i.e. sudo itself is running at worse priority but the spawned
process (whatever that may be) runs normally. The best way to sort this
out would be to write a calling script that contain everything including
the nice commands.
e.g. sudo myscript
#This is myscript
nice sleep 30
I agree that allowing sudo access to nice is effectively allowing sudo
access to everything,
e.g. sudo nice kill 1
Robin Battersby-Cornmell | IS Service Delivery Technical Support Analyst
Unisys Insurance Services Limited | Level 6, New Hall Place | Liverpool,
Merseyside, L3 9UE | 0151 239 2825 (Net pending)
Registered in England Company No. 04087012 Registered Office: Bakers
Court, Bakers Road, Uxbridge, UB8 1RG
THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
MATERIAL and is thus for use only by the intended recipient. If you
received this in error, please contact the sender and delete the e-mail
and its attachments from all computers.
From: thomas [mailto:thomas.bsd at gmail.com]
Sent: Monday, August 18, 2008 4:19 PM
To: sudo-users at sudo.ws
Subject: [sudo-users] "nice sudo foo": "foo" does not inherits niceness
Hi list, here is my question:
$ (nice sudo sleep 5 &); ps -al | egrep '(^F|sleep)'
F S UID PID PPID C PRI NI ADDR SZ WCHAN TTY TIME CMD
4 S 0 15823 1 0 80 0 - 754 - pts/5 00:00:00 sleep
Why doesn't "sleep" have a niceness of 10?
Of course I do not want to add "nice" to /etc/sudoers and run "sudo nice
foo", that would be quite insecure :-/
$ sudo -V
Sudo version 1.6.9p17
Thanks for your help
This email is sent in confidence for the addressee only.
Unauthorised recipients must preserve this confidentiality and should please advise the sender immediately by returning the original email to us without reading it, taking a copy or disclosing it to anyone else. Please also destroy and delete the email from your computer.
We have taken reasonable precautions to ensure that no viruses are transmitted to any third party. Unisys Insurance Services Limited does not accept any responsibility for any loss or damage resulting directly or indirectly from the use of this email or its contents.
Unisys Insurance Services Limited is authorised and regulated by the Financial Services Authority, is a member of the UNISYS group of companies and provides outsourcing services to the Financial Services Industry
Unisys Insurance Services Limited Registered in England No. 4087012
Registered Office: Bakers Court, Bakers Road, Uxbridge, UB8 1RG
More information about the sudo-users