• Adam Tkac's avatar
    rlimit: permit setting RLIMIT_NOFILE to RLIM_INFINITY · 0c2d64fb
    Adam Tkac authored
    When a process wants to set the limit of open files to RLIM_INFINITY it
    gets EPERM even if it has CAP_SYS_RESOURCE capability.
    
    For example, BIND does:
    
    ...
    #elif defined(NR_OPEN) && defined(__linux__)
            /*
             * Some Linux kernels don't accept RLIM_INFINIT; the maximum
             * possible value is the NR_OPEN defined in linux/fs.h.
             */
            if (resource == isc_resource_openfiles && rlim_value == RLIM_INFINITY) {
                    rl.rlim_cur = rl.rlim_max = NR_OPEN;
                    unixresult = setrlimit(unixresource, &rl);
                    if (unixresult == 0)
                            return (ISC_R_SUCCESS);
            }
    #elif ...
    
    If we allow setting RLIMIT_NOFILE to RLIM_INFINITY we increase portability
    - you don't have to check if OS is linux and then use different schema for
    limits.
    
    The spec says "Specifying RLIM_INFINITY as any resource limit value on a
    successful call to setrlimit() shall inhibit enforcement of that resource
    limit." and we're presently not doing that.
    
    Cc: Michael Kerrisk <mtk.manpages@googlemail.com>
    Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
    Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
    0c2d64fb
sys.c 42.2 KB