Top Forums UNIX for Advanced & Expert Users Use of Capabilities Post 302596844 by MikeGM on Wednesday 8th of February 2012 11:47:13 AM
Use of Capabilities

I wonder if anyone could assist with some problems I'm having with Linux Capabilities and their use when using the commands "nice" and "schedtool".

I run a couple of PCs, one is an elderly AMD Sempron 2800+ (32-bit, 2GHz clock and 3GB memory) that is used as a family multimedia system running mythTV. The other is an AMD Phenom II X3 (64-bit, three core, 2.5GHz, 4GB memory). Both systems run Ubuntu 10.04 LTS 32-bit and 64-bit versions respectively.

Ever since upgrading both systems to 10.04 I have had persistent, initially severe stuttering audio when using Rhythmbox and, on the media PC only, lesser problems with stuttering TV playback with mythTV. When I reverted from pulseaudio to ALSA, the severe problems with rhythmbox were cured on the desktop PC and alleviated on the media PC.

I am now attempting to deal with the remaining problems on the media PC and, using rhythmbox as a guinea pig, I would like to try running rhythmbox either with a lower nice setting or scheduled as a real time process (SCHED_RR).

I wrote a (very short) script containing "nice --adjustment=-10 rhythmbox", gave the script execute and setuid root privileges and called it. Gnome objected to this, telling me that, as a matter of policy, gnome will not run any process as root.

Further research suggested that I needed instead to give the script file the capability cap_sys_nice+eip. The script's nice call was rejected due to "insufficient privilege".

I've therefore written the following trivial script, test-file-caps:
Code:
#! /bin/bash
# simple script to trial file capabilities.

echo
echo "nice replies: "
nice --adjustment=-10 rhythmbox
echo
echo "capsh replies: "
/sbin/capsh --print

and here is an example of its use. You will see that despite the file having the cap_sys_nice capability, that capability is not present when it executes.
Code:
mike@orion:~/scripts$ ls -l ./test-file-caps
-rwxr--r-- 1 mike mike 167 2012-02-08 16:12 ./test-file-caps
mike@orion:~/scripts$ getcap ./test-file-caps
./test-file-caps = cap_sys_nice+eip
mike@orion:~/scripts$ ./test-file-caps

nice replies: 
nice: cannot set niceness: Permission denied

capsh replies: 
Current: =
Bounding set =cap_chown,cap_dac_override,cap_dac_read_search,cap_fowner,cap_fsetid,
cap_kill,cap_setgid,cap_setuid,cap_setpcap,cap_linux_immutable,
cap_net_bind_service,cap_net_broadcast,cap_net_admin,cap_net_raw,
cap_ipc_lock,cap_ipc_owner,cap_sys_module,cap_sys_rawio,cap_sys_chroot,
cap_sys_ptrace,cap_sys_pacct,cap_sys_admin,cap_sys_boot,cap_sys_nice,
cap_sys_resource,cap_sys_time,cap_sys_tty_config,cap_mknod,cap_lease,
cap_audit_write,cap_audit_control,cap_setfcap,cap_mac_override,
cap_mac_admin
Securebits: 00/0x0
 secure-noroot: no (unlocked)
 secure-no-suid-fixup: no (unlocked)
 secure-keep-caps: no (unlocked)
uid=1000
mike@orion:~/scripts$

Can anyone please give me any suggestions or pointers to information that I'm lacking?
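
Added example, not part of the original post: Linux applies file capabilities only to the binary the kernel actually executes, so for a "#!" script it consults the interpreter (/bin/bash) and ignores the capability set on the script file, which matches the empty "Current: =" line above. The sketch below is a small compiled launcher meant to carry the capability itself; the name nice-launch, the setcap invocation `setcap cap_sys_nice+ep ./nice-launch` and the fixed value -10 are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/resource.h>
#include <unistd.h>

#define CAP_SYS_NICE_BIT 23  /* value of CAP_SYS_NICE in <linux/capability.h> */
#define TARGET_NICE (-10)    /* fixed here so callers cannot pick the priority */

/* Test one bit of a hex capability mask ("CapEff:" etc.) in the text of
 * /proc/<pid>/status. Returns 1 if set, 0 if clear, -1 if field is absent. */
int status_has_cap(const char *status, const char *field, int bit)
{
    const char *p = strstr(status, field);
    if (!p)
        return -1;
    unsigned long long mask = strtoull(p + strlen(field), NULL, 16);
    return (int)((mask >> bit) & 1ULL);
}

/* Does this process hold CAP_SYS_NICE in its effective set right now? */
int self_has_sys_nice(void)
{
    char buf[8192];
    FILE *f = fopen("/proc/self/status", "r");
    if (!f)
        return -1;
    size_t n = fread(buf, 1, sizeof buf - 1, f);
    fclose(f);
    buf[n] = '\0';
    return status_has_cap(buf, "CapEff:", CAP_SYS_NICE_BIT);
}

int main(int argc, char **argv)
{
    if (argc < 2) {
        fprintf(stderr, "usage: %s command [args...]\n", argv[0]);
        return 2;
    }
    if (self_has_sys_nice() != 1)
        fprintf(stderr, "warning: CAP_SYS_NICE is not effective in this process\n");
    if (setpriority(PRIO_PROCESS, 0, TARGET_NICE) != 0) {
        perror("setpriority");
        return 1;
    }
    /* The nice value survives exec; the capability does not, because the
     * target has no file capabilities of its own. */
    execvp(argv[1], argv + 1);
    perror("execvp");
    return 127;
}
```

Anyone who can execute such a launcher can start any command at nice -10, so its execute permission should be limited to a dedicated group.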

nice(1) 						      General Commands Manual							   nice(1)

Name
       nice, nohup - execute a command at a lower priority

Syntax
       nice [-number] command [arguments]

       nohup command [arguments]

Description
       The  command  executes command with low scheduling priority (Bourne Shell only).  If the number argument is present, the priority is incre-
       mented (higher numbers mean lower priorities) by that amount up to a limit of 20.  The default number is 10.

       The super-user may run commands with priority higher than normal by using a negative priority, for example, `--10'.

       The command executes command immune to hangup and terminate signals from the controlling terminal.  The priority is incremented by 5.   The
       command	should	be  invoked  from  the shell with an ampersand (&) in order to prevent it from responding to interrupts by or stealing the
       input from the next person who logs in on the same terminal.  The syntax of is also different.

Options
       -number		   Increments the priority by a specified number up to a limit of 20.  The default is 10.

Restrictions
       The and commands are particular to If you use then commands executed with an ampersand (&) are automatically immune to hangup signals while
       in the background.  There is a built-in command which provides immunity from terminate, but it does not redirect output to nohup.out.

       The  command  is built into with a slightly different syntax than described here.  The form ``nice +10'' nices to positive nice, and ``nice
       -10'' can be used by the superuser to give a process more of the processor.

Diagnostics
       The command returns the exit status of the subject command.

Files
       nohup.out standard output and standard error file under nohup

See Also
       csh(1), getpriority(2), renice(8)

																	   nice(1)