[OLPC Security] permissions for setting scheduler policy

Victor Lazzarini Victor.Lazzarini at nuim.ie
Thu Aug 14 10:58:32 EDT 2008 

yes, I suppose that can be done, but it does look a little messy,
and it would be nice to be able to write activities that transparently
can do this, rather than as special cases.

It does not need to be root. I can set permissions for user olpc and
it works (provided that limits.conf is edited correctly). But somehow
activities (launched by rainbow?) are UID 10002 which seems not
to follow the rules of pam .

Victor

At 15:43 14/08/2008, Jim Gettys wrote:
>A typical solution is, when you are about to start the process, invoke a
>different (very small, so it can be audited) process that can set what
>you need as root, and then drop the privileges before execing the real
>image that does the work.
>
>But Michael may have something else in mind for Rainbow.
>                         - Jim
>
>
>On Wed, 2008-08-13 at 11:21 +0100, Victor Lazzarini wrote:
> > Hello everyone,
> >
> > I am working on trying to get better RT performance
> > off csound. I have added some code to set the
> > scheduler policy and priority, but the problem is
> > that I can only use it as root.
> >
> > As user olpc, the scheduler code will not be allowed
> > to set the policy and priority.
> >
> > It'd be ideal if activities using csound could take
> > advantage of this code, because it seems to help
> > performance. We could set up group permissions
> > for that in /etc/security/limits.conf
> >
> > What are your thoughts (esp. Deepak and Daniel D)?
> >
> > Dr Victor Lazzarini
> > Senior Lecturer
> > Music Technology Laboratory, Music Department
> > National University of Ireland, Maynooth
> >
> > _______________________________________________
> > Devel mailing list
> > Devel at lists.laptop.org
> > http://lists.laptop.org/listinfo/devel
> > _______________________________________________
> > Security mailing list
> > Security at lists.laptop.org
> > http://lists.laptop.org/listinfo/security
>--
>Jim Gettys <jg at laptop.org>
>One Laptop Per Child

Victor Lazzarini
Music Technology Laboratory
Music Department
National University of Ireland, Maynooth

More information about the Devel mailing list