<div dir="ltr">Hi Chris,<div class="gmail_extra"><br><div class="gmail_quote">On Wed, Jul 15, 2015 at 9:17 AM, Chris Muller <span dir="ltr"><<a href="mailto:ma.chris.m@gmail.com" target="_blank">ma.chris.m@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class="">On Sat, Jul 11, 2015 at 4:30 PM, Eliot Miranda <<a href="mailto:eliot.miranda@gmail.com">eliot.miranda@gmail.com</a>> wrote:<br>
> Hi Chris,<br>
><br>
> I really know very little about this. I don't understand the mechanism. But I'm told that the limits file takes effect on login. i.e. if the file is created while a user is logged in it won't take effect for that user until that user logs out and logs back in again and only applies to those sessions that logged in once the file had been created. I /dont/ know whether su sets up a new session. i should try that experiment.<br>
><br>
> So perhaps you could have daemon tools run login or su to create a new session and see if the ht version can be run by daemontools in that session. Presumably daemons launched at boot aren't in the right state. (What an absurdity they've invented here).<br>
<br>
</span>Good suggestion to try, unfortunately it didn't work. I tried logging<br>
in as root to see if it would "initialize" that account to have those<br>
permissions, then logging out and starting the daemon. Same error.<br></blockquote><div><br></div><div>See <a href="http://superuser.com/questions/454465/make-ulimits-work-with-start-stop-daemon">http://superuser.com/questions/454465/make-ulimits-work-with-start-stop-daemon</a>. Apparently</div><div><br></div><span class="Apple-style-span" style="border-collapse:collapse;font-family:'Helvetica Neue',Helvetica,Arial,sans-serif;font-size:15px;line-height:19px"><p style="margin-top:0px;margin-right:0px;margin-bottom:1em;margin-left:0px;padding-top:0px;padding-right:0px;padding-bottom:0px;padding-left:0px;border-top-width:0px;border-right-width:0px;border-bottom-width:0px;border-left-width:0px;border-style:initial;border-color:initial;font-size:15px;clear:both">"At this time, you can't. <code style="margin-top:0px;margin-right:0px;margin-bottom:0px;margin-left:0px;padding-top:1px;padding-right:5px;padding-bottom:1px;padding-left:5px;border-top-width:0px;border-right-width:0px;border-bottom-width:0px;border-left-width:0px;border-style:initial;border-color:initial;font-size:13px;font-family:Consolas,Menlo,Monaco,'Lucida Console','Liberation Mono','DejaVu Sans Mono','Bitstream Vera Sans Mono','Courier New',monospace,sans-serif;background-color:rgb(238,238,238);white-space:pre-wrap">limits.conf(5)</code> is the configuration for <code style="margin-top:0px;margin-right:0px;margin-bottom:0px;margin-left:0px;padding-top:1px;padding-right:5px;padding-bottom:1px;padding-left:5px;border-top-width:0px;border-right-width:0px;border-bottom-width:0px;border-left-width:0px;border-style:initial;border-color:initial;font-size:13px;font-family:Consolas,Menlo,Monaco,'Lucida Console','Liberation Mono','DejaVu Sans Mono','Bitstream Vera Sans Mono','Courier New',monospace,sans-serif;background-color:rgb(238,238,238);white-space:pre-wrap">pam_limits(8)</code>, which is activated by the PAM stack according to the configuration in <code style="margin-top:0px;margin-right:0px;margin-bottom:0px;margin-left:0px;padding-top:1px;padding-right:5px;padding-bottom:1px;padding-left:5px;border-top-width:0px;border-right-width:0px;border-bottom-width:0px;border-left-width:0px;border-style:initial;border-color:initial;font-size:13px;font-family:Consolas,Menlo,Monaco,'Lucida Console','Liberation Mono','DejaVu Sans Mono','Bitstream Vera Sans Mono','Courier New',monospace,sans-serif;background-color:rgb(238,238,238);white-space:pre-wrap">/etc/pam.d</code>. However, <code style="margin-top:0px;margin-right:0px;margin-bottom:0px;margin-left:0px;padding-top:1px;padding-right:5px;padding-bottom:1px;padding-left:5px;border-top-width:0px;border-right-width:0px;border-bottom-width:0px;border-left-width:0px;border-style:initial;border-color:initial;font-size:13px;font-family:Consolas,Menlo,Monaco,'Lucida Console','Liberation Mono','DejaVu Sans Mono','Bitstream Vera Sans Mono','Courier New',monospace,sans-serif;background-color:rgb(238,238,238);white-space:pre-wrap">start-stop-daemon(8)</code> as launched from an init.d script doesn't pass through the PAM stack, so those kinds of settings are never applied.</p><p style="margin-top:0px;margin-right:0px;margin-bottom:1em;margin-left:0px;padding-top:0px;padding-right:0px;padding-bottom:0px;padding-left:0px;border-top-width:0px;border-right-width:0px;border-bottom-width:0px;border-left-width:0px;border-style:initial;border-color:initial;font-size:15px;clear:both">Debian bug <a href="https://bugs.debian.org/302079" rel="nofollow" style="margin-top:0px;margin-right:0px;margin-bottom:0px;margin-left:0px;padding-top:0px;padding-right:0px;padding-bottom:0px;padding-left:0px;border-top-width:0px;border-right-width:0px;border-bottom-width:0px;border-left-width:0px;border-style:initial;border-color:initial;font-size:15px;text-decoration:none;color:rgb(0,130,163)">#302079</a> contains a patch to enable setting limits from <code style="margin-top:0px;margin-right:0px;margin-bottom:0px;margin-left:0px;padding-top:1px;padding-right:5px;padding-bottom:1px;padding-left:5px;border-top-width:0px;border-right-width:0px;border-bottom-width:0px;border-left-width:0px;border-style:initial;border-color:initial;font-size:13px;font-family:Consolas,Menlo,Monaco,'Lucida Console','Liberation Mono','DejaVu Sans Mono','Bitstream Vera Sans Mono','Courier New',monospace,sans-serif;background-color:rgb(238,238,238);white-space:pre-wrap">start-stop-daemon(8)</code>, but the bug has been open since 2005 and the patch hasn't been merged yet.</p></span><div><span class="Apple-style-span" style="border-collapse:collapse;font-family:'Helvetica Neue',Helvetica,Arial,sans-serif;font-size:15px;line-height:19px">While not ideal, AFAIK the recommended way to accomplish this right now is to add a <code style="margin-top:0px;margin-right:0px;margin-bottom:0px;margin-left:0px;padding-top:1px;padding-right:5px;padding-bottom:1px;padding-left:5px;border-top-width:0px;border-right-width:0px;border-bottom-width:0px;border-left-width:0px;border-style:initial;border-color:initial;font-size:13px;font-family:Consolas,Menlo,Monaco,'Lucida Console','Liberation Mono','DejaVu Sans Mono','Bitstream Vera Sans Mono','Courier New',monospace,sans-serif;background-color:rgb(238,238,238);white-space:pre-wrap">ulimit</code>call in your init.d script."</span></div><div><span class="Apple-style-span" style="border-collapse:collapse;font-family:'Helvetica Neue',Helvetica,Arial,sans-serif;font-size:15px;line-height:19px"><br></span></div><div><span class="Apple-style-span" style="border-collapse:collapse;font-family:'Helvetica Neue',Helvetica,Arial,sans-serif;font-size:15px;line-height:19px"><div>Looks like this is settable via ulimit -r; From man ulimit(1) (actually from bash (1))</div><div> -r The maximum real-time scheduling priority</div><div><br></div><div>Of course this may not work:</div><div><br></div></span>ulimit -r 3<span class="Apple-style-span" style="border-collapse:collapse;font-family:'Helvetica Neue',Helvetica,Arial,sans-serif;font-size:15px;line-height:19px"><div>$ </div></span><div>-bash: ulimit: real-time priority: cannot modify limit: Operation not permitted</div></div><div><br></div><div>But it's worth a try.</div><div><br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">For the sake of progress, I've switched to using the ITHB vm.<br>
</blockquote></div><br>-- <br><div class="gmail_signature">best,<div>Eliot</div></div>
</div></div>