On Tue, 5 Aug 2014, Philip Guenther wrote:
On Tue, Aug 5, 2014 at 6:49 AM, Ed Hynan <eh_l...@optonline.net> wrote:
Failure to set the resource limits isn't considered fatal for
setusercontext(). It would be Bad if a typo there could leave you unable
to login or su to root...
Agreed. My case is a less drastic example: it's good that that su
succeeded so the job could run.
The new log message is good too, I'm glad I saw it and could respond.
BTW, setusercontext(3) does not mention that setting resource failure
is not fatal.
So, the absence openfiles-max in the original login.conf is
intentional? Before that log message, I was never prompted to
think this through this far.
It wasn't necessary to set them, so why over-specify them? IIRC, we had
actually increased the defaults not too long ago to handle the increased
demands of stuff like gnome and firefox. If we wrote out all the limits,
then upgrades would be more painful as more lines would have to change.
I suppose higher limits are easier all around, particularly re. the sort
of software you mention. I recall changing menus to use a wrapper
script because firefox was exceeding a files soft limit (NetBSD 2.0 I
think, but that's beside the point).
OTOH, lower limits expose more bad code. Just mentioning that, not
suggesting OpenBSD shouldn't increase limits.
-Ed
