[sudo-users] "nice sudo foo": "foo" does not inherits niceness

Battersby-Cornmell, Robin Alasdair Robin.Battersby-Cornmell at uisl.unisys.com
Tue Aug 19 05:13:22 EDT 2008 

I would suggest that the nice command is acting on the execution of
sudo, i.e. sudo itself is running at worse priority but the spawned
process (whatever that may be) runs normally.  The best way to sort this
out would be to write a calling script that contain everything including
the nice commands.

e.g. sudo myscript

	#!bin/ksh
	#This is myscript
	#
	#
	nice sleep 30


I agree that allowing sudo access to nice is effectively allowing sudo
access to everything,
e.g. sudo nice kill 1




Robin Battersby-Cornmell | IS Service Delivery Technical Support Analyst

Unisys Insurance Services Limited | Level 6, New Hall Place | Liverpool,
Merseyside, L3 9UE | 0151 239 2825 (Net pending)            
Registered in England Company No. 04087012 Registered Office: Bakers
Court, Bakers Road, Uxbridge, UB8 1RG 
THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
MATERIAL and is thus for use only by the intended recipient. If you
received this in error, please contact the sender and delete the e-mail
and its attachments from all computers. 


-----Original Message-----
From: thomas [mailto:thomas.bsd at gmail.com] 
Sent: Monday, August 18, 2008 4:19 PM
To: sudo-users at sudo.ws
Subject: [sudo-users] "nice sudo foo": "foo" does not inherits niceness

Hi list, here is my question:

$ (nice sudo sleep 5 &);  ps -al | egrep '(^F|sleep)'
F S   UID   PID  PPID  C PRI  NI ADDR SZ WCHAN  TTY          TIME CMD
4 S     0 15823     1  0  80   0 -   754 -      pts/5    00:00:00 sleep

Why doesn't "sleep" have a niceness of 10?

Of course I do not want to add "nice" to /etc/sudoers and run "sudo nice
foo", that would be quite insecure :-/

$ sudo -V
Sudo version 1.6.9p17

Thanks for your help

Thomas


***********************************

This email is sent in confidence for the addressee only.

Unauthorised recipients must preserve this confidentiality and should please advise the sender immediately by returning the original email to us without reading it, taking a copy or disclosing it to anyone else. Please also destroy and delete the email from your computer.

We have taken reasonable precautions to ensure that no viruses are transmitted to any third party. Unisys Insurance Services Limited does not accept any responsibility for any loss or damage resulting directly or indirectly from the use of this email or its contents.

Unisys Insurance Services Limited is authorised and regulated by the Financial Services Authority, is a member of the UNISYS group of companies and provides outsourcing services to the Financial Services Industry

Unisys Insurance Services Limited Registered in England No. 4087012
Registered Office: Bakers Court, Bakers Road, Uxbridge, UB8 1RG

More information about the sudo-users mailing list