[sudo-users] uid switching vs resource limits

Todd C. Miller Todd.Miller at courtesan.com
Fri Jun 12 09:56:27 MDT 2015

On Fri, 12 Jun 2015 09:34:59 -0600, "Todd C. Miller" wrote:

> I've been trying to reproduce this on Debian 8 using 1.8.10p3-1+deb8u2
> but I get the same behavior you report for 1.8.5.  I've tried
> reducing the nproc limit further but in each instance if I can run
> a command via bash without hitting the limit I can run it via sudo
> too.

Apparently the behavior was removed in Linux 3.1, which explains
why I couldn't reproduce it.

   EAGAIN uid does not match the real user ID of the caller and
          this  call would  bring  the number of processes belonging
          to the real user ID uid over the caller's  RLIMIT_NPROC
          resource limit.   Since Linux 3.1, this error case no
          longer occurs (but robust applications should check for
          this  error); see  the  description  of EAGAIN in execve(2).

My test VM is Debian 8.1 with the following kernel:
Linux deb8 3.16.0-4-amd64 #1 SMP Debian 3.16.7-ckt11-1 (2015-05-24) x86_64 GNU/Linux

 - todd

More information about the sudo-users mailing list