轻松编写/proc/self/oom_score_adj [英] EACCESS writing /proc/self/oom_score_adj

问题描述

我正在尝试编译锁"以实现一些调整.它无法启动，就这样:

I'm trying to compile "slock" to implement some tweaks. It fails to start, on this:

#ifdef __linux__
#include <fcntl.h>

static void
dontkillme(void) {
    int fd;

    fd = open("/proc/self/oom_score_adj", O_WRONLY);
    if (fd < 0 && errno == ENOENT)
        return;
    if (fd < 0 || write(fd, "-1000\n", 6) != 6 || close(fd) != 0)
        die("cannot disable the out-of-memory killer for this process\n");
}
#endif

我继续进行了一些调试，发现我从write()获得了EACCESS.

I went ahead and did some debugging, and found out I get EACCESS from the write().

有什么收获?我认为这是一些安全功能，因为如果流程可以更改此值，这并不酷-但是我在做什么错呢?为了完成这项工作，二进制文件上是否有一些特殊的文件系统标志?

What's the catch? I believe this is some security feature, as it's not cool if processes can change this value - but what am I doing wrong? Is there some special filesystem flag on the binary to be set, to get this work?

推荐答案

查看内核中的Documentation/filesystems/proc.txt:

/proc/pid/oom_score_adj的值不得小于 CAP_SYS_RESOURCE进程设置的最后一个值.降低价值 任何更低的要求都需要CAP_SYS_RESOURCE.

The value of /proc/pid/oom_score_adj may be reduced no lower than the last value set by a CAP_SYS_RESOURCE process. To reduce the value any lower requires CAP_SYS_RESOURCE.

这意味着您必须是root用户，或者必须具有CAP_SYS_RESOURCE功能才能将此值设置为低于默认值.

Which means that you must be either root or have CAP_SYS_RESOURCE capability at some point to set this lower than the default.

这篇关于轻松编写/proc/self/oom_score_adj的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！