轻松编写/proc/self/oom_score_adj [英] EACCESS writing /proc/self/oom_score_adj
问题描述
我正在尝试编译锁"以实现一些调整.它无法启动,就这样:
I'm trying to compile "slock" to implement some tweaks. It fails to start, on this:
#ifdef __linux__
#include <fcntl.h>
static void
dontkillme(void) {
int fd;
fd = open("/proc/self/oom_score_adj", O_WRONLY);
if (fd < 0 && errno == ENOENT)
return;
if (fd < 0 || write(fd, "-1000\n", 6) != 6 || close(fd) != 0)
die("cannot disable the out-of-memory killer for this process\n");
}
#endif
我继续进行了一些调试,发现我从write()
获得了EACCESS.
I went ahead and did some debugging, and found out I get EACCESS from the write()
.
有什么收获?我认为这是一些安全功能,因为如果流程可以更改此值,这并不酷-但是我在做什么错呢?为了完成这项工作,二进制文件上是否有一些特殊的文件系统标志?
What's the catch? I believe this is some security feature, as it's not cool if processes can change this value - but what am I doing wrong? Is there some special filesystem flag on the binary to be set, to get this work?
推荐答案
查看内核中的Documentation/filesystems/proc.txt
:
/proc/pid/oom_score_adj的值不得小于 CAP_SYS_RESOURCE进程设置的最后一个值.降低价值 任何更低的要求都需要CAP_SYS_RESOURCE.
The value of /proc/pid/oom_score_adj may be reduced no lower than the last value set by a CAP_SYS_RESOURCE process. To reduce the value any lower requires CAP_SYS_RESOURCE.
这意味着您必须是root用户,或者必须具有CAP_SYS_RESOURCE功能才能将此值设置为低于默认值.
Which means that you must be either root or have CAP_SYS_RESOURCE capability at some point to set this lower than the default.
这篇关于轻松编写/proc/self/oom_score_adj的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!