1

I have on a Linux server with SuSE Linux Enterprise 15 SP5 the following situation:

I have two unpriv users "sisis" and "jenkins" which are both allowed (based on entries in /etc/security/limits.conf) to run the shell build-in command "ulimit -c unlimited":

linux:~ # su - jenkins jenkins@linux:~> id uid=1003(jenkins) gid=100(users) Gruppen=100(users) jenkins@linux:~> ulimit -c unlimited ; echo $? 0 exit linux:~ # su - sisis sisis@linux:~> id uid=900118(sisis) gid=900118(sisis) Gruppen=900118(sisis),403(userdevl) sisis@linux:~> ulimit -c unlimited ; echo $? 0 exit

But, when the user "jenkins" wants to do this in a shell script as user "sisis", this gives an error:

linux:~ # su - jenkins jenkins@linux:~> cat /tmp/ulimit.sh #!/bin/sh export LANG=C ulimit -c unlimited jenkins@linux:~> sudo -u sisis -g sisis /tmp/ulimit.sh /tmp/ulimit.sh: line 3: ulimit: core file size: cannot modify limit: Operation not permitted

The background of this silly question is, that for test automation from another server (a Jenkins Continuous Integration server) jobs are started remotely as

ssh jenkins@linux bash CATserver_start.sh + sudo -u sisis /opt/lib/sisis/catserver/etc/S99catserver.testdb start

i.e. the "ulimit -c unlimited" command is issued in the above shellscript /opt/lib/sisis/catserver/etc/S99catserver.testdb which in production is started as user "sisis", but in test automation from the Jenkins CI server via SSH as user "jenkins".

Any ideas?

Additional information to answer the question in the comment:

The real command is as given:

ssh jenkins@linux bash CATserver_start.sh + sudo -u sisis /opt/lib/sisis/catserver/etc/S99catserver.testdb start

The exmples given with the script /tmp/ulimit.sh was only to simplfy the problem. The script /opt/lib/sisis/catserver/etc/S99catserver.testdb uses as she-bang #!/bin/bash and after su - sisis the user uses also a bash:

linux:~ # su - sisis sisis@linux:~> ps PID TTY TIME CMD 21146 pts/1 00:00:00 bash sisis@linux:~> ulimit -a core file size (blocks, -c) unlimited data seg size (kbytes, -d) unlimited scheduling priority (-e) 0 file size (blocks, -f) unlimited pending signals (-i) 14448 max locked memory (kbytes, -l) 64 max memory size (kbytes, -m) unlimited open files (-n) 65535 pipe size (512 bytes, -p) 8 POSIX message queues (bytes, -q) 819200 real-time priority (-r) 0 stack size (kbytes, -s) 8192 cpu time (seconds, -t) unlimited max user processes (-u) 65535 virtual memory (kbytes, -v) unlimited file locks (-x) unlimited
Improve this question
6
  • To start with: Is it actually the same command? Your script is interpreted by /bin/sh, but is that the same shell as you get when doing su to the user? Second, what current limits does the command report (e.g. from ulimit -a) immediately before trying to modify them? Commented Aug 13, 2024 at 7:37
  • Sorry. Done now. Commented Aug 13, 2024 at 10:56
  • maybe related: superuser.com/q/396102 Commented Aug 13, 2024 at 13:49
  • 2
    Possibly related? suse.com/support/kb/doc/?id=000020902 Commented Aug 13, 2024 at 17:38
  • The last comment made by tink points to the tested solution. Thanks. Commented Aug 14, 2024 at 4:49

0

Reset to default

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.