Ticket #1490: 0001-Gain-privileges-before-execd-kills-rogue-processes.patch

File 0001-Gain-privileges-before-execd-kills-rogue-processes.patch, 1.1 KB (added by markdixon, 6 years ago)

Added by email2trac

  • source/libs/uti2/sge_cgroup.c

    From 82adc80c65a92e01e7d487b4992b02a4328f8285 Mon Sep 17 00:00:00 2001
    From: Mark Dixon <m.c.dixon@leeds.ac.uk>
    Date: Mon, 9 Dec 2013 11:46:54 +0000
    Subject: [PATCH] Gain privileges before execd kills rogue processes
    
    The rogue process detection enabled when USE_CGROUPS=1 attempts to kill
    processes as the sge admin user. As that user doesn't normally have the
    privileges to do so, this patch temporarily gains the privileges of the
    daemon's starting user (typically root) before killing processes.
    ---
     source/libs/uti2/sge_cgroup.c |    2 ++
     1 files changed, 2 insertions(+), 0 deletions(-)
    
    diff --git a/source/libs/uti2/sge_cgroup.c b/source/libs/uti2/sge_cgroup.c
    index 7f5bcc4..8d413dc 100644
    a b remove_shepherd_cpuset(u_long32 job, u_long32 task, pid_t pid) 
    477477          rogue = true;
    478478          if (l) INFO((SGE_EVENT, "rogue: "SFN2, replace_char(cmd, l, '\0', ' ')));
    479479
     480          sge_switch2start_user();
    480481          kill(rpid, SIGKILL);
     482          sge_switch2admin_user();
    481483      }
    482484   }
    483485   fclose(fp);