Re: [Jack-Devel] su, limits, PAM and JACK
Jeremy Henty wrote:
> Jamie Heilman wrote:
>
> > Chances are your PAM stack isn't configured to use pam_limits.so for
> > su sessions, which means using su won't pay any attention to the
> > setttings in limits.conf until it is. That said, don't do that.
> > Using su programatically to switch users is a bad idea becuase su's
> > behavior is notoriously unportable anyway.
>
> So, is there any good way to programatically switch users? I ask
> because I have been trying to do that with su and I hit the same
> problem as the OP.
Depends on the context you're doing it in. Generally, the best
approach is to use the system library hooks for whatever language
you're programming in to do it. When it comes to bourne shell (which
doesn't have any native hooks to setgid/setuid), personally, I'm a big
fan of the supervision utilities written by djb
(http://cr.yp.to/daemontools.html) and by extension runit
(http://smarden.org/runit/) which is more or less a clone of
daemontools but more commonly found packaged in distros; both of these
include great tools for switching uid/gid from within bourne shell,
but I wouldn't use them outside of scripting daemon startup/shutdown.
--
Jamie Heilman http://audible.transient.net/~jamie/
1337732378.577_0.ltw:2, <20120523001924.GB18937 at cucamonga dot audible dot transient dot net>