mirror of https://git.kore.io/kore.git
call setrlimit() before we drop privs.
This commit is contained in:
parent
5f1238c2dc
commit
b0ff041709
14
src/worker.c
14
src/worker.c
|
@ -197,6 +197,13 @@ kore_worker_entry(struct kore_worker *kw)
|
|||
fatal("cannot chdir(): %s", errno_s);
|
||||
}
|
||||
|
||||
rl.rlim_cur = worker_rlimit_nofiles;
|
||||
rl.rlim_max = worker_rlimit_nofiles;
|
||||
if (setrlimit(RLIMIT_NOFILE, &rl) == -1) {
|
||||
kore_log(LOG_ERR, "setrlimit(RLIMIT_NOFILE, %d): %s",
|
||||
worker_rlimit_nofiles, errno_s);
|
||||
}
|
||||
|
||||
if (getuid() != pw->pw_uid) {
|
||||
if (setgroups(1, &pw->pw_gid) ||
|
||||
#ifdef __MACH__
|
||||
|
@ -209,13 +216,6 @@ kore_worker_entry(struct kore_worker *kw)
|
|||
fatal("unable to drop privileges");
|
||||
}
|
||||
|
||||
rl.rlim_cur = worker_rlimit_nofiles;
|
||||
rl.rlim_max = worker_rlimit_nofiles;
|
||||
if (setrlimit(RLIMIT_NOFILE, &rl) == -1) {
|
||||
kore_log(LOG_ERR, "setrlimit(RLIMIT_NOFILE, %d): %s",
|
||||
worker_rlimit_nofiles, errno_s);
|
||||
}
|
||||
|
||||
(void)snprintf(buf, sizeof(buf), "kore [wrk %d]", kw->id);
|
||||
kore_platform_proctitle(buf);
|
||||
kore_platform_worker_setcpu(kw);
|
||||
|
|
Loading…
Reference in New Issue