commit b0ff041709a69247a8a01bf28098b39625269c99
parent 5f1238c2dc3d1ff8559c32fa5280779b8423df55
Author: Joris Vink <joris@coders.se>
Date: Thu, 9 Apr 2015 10:06:18 +0200
call setrlimit() before we drop privs.
Diffstat:
1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/src/worker.c b/src/worker.c
@@ -197,6 +197,13 @@ kore_worker_entry(struct kore_worker *kw)
fatal("cannot chdir(): %s", errno_s);
}
+ rl.rlim_cur = worker_rlimit_nofiles;
+ rl.rlim_max = worker_rlimit_nofiles;
+ if (setrlimit(RLIMIT_NOFILE, &rl) == -1) {
+ kore_log(LOG_ERR, "setrlimit(RLIMIT_NOFILE, %d): %s",
+ worker_rlimit_nofiles, errno_s);
+ }
+
if (getuid() != pw->pw_uid) {
if (setgroups(1, &pw->pw_gid) ||
#ifdef __MACH__
@@ -209,13 +216,6 @@ kore_worker_entry(struct kore_worker *kw)
fatal("unable to drop privileges");
}
- rl.rlim_cur = worker_rlimit_nofiles;
- rl.rlim_max = worker_rlimit_nofiles;
- if (setrlimit(RLIMIT_NOFILE, &rl) == -1) {
- kore_log(LOG_ERR, "setrlimit(RLIMIT_NOFILE, %d): %s",
- worker_rlimit_nofiles, errno_s);
- }
-
(void)snprintf(buf, sizeof(buf), "kore [wrk %d]", kw->id);
kore_platform_proctitle(buf);
kore_platform_worker_setcpu(kw);