我想为 /etc/init.d 中的每个服务设置安全限制说
ulimit -c unlimited
但这应该在发出“ service <process> start”或“ /etc/init.d/<process> start”时执行。
是否有通用路径,所以如果我们在那里写,它将适用于“启动”服务时的所有服务。
问问题
1108 次
2 回答
1
如果您创建这样的文件:
/etc/init.d/.commonStuff
并将您希望对所有脚本通用的命令放入其中:(没有 '#!/usr/bin/bash' 行)
# This code is meant to be included by another script.
ulimit -c unlimited
umask 027
THIS_VARIABLE="will exist once the include is completed"
export THIS_VALIABLE # And now it is exportable too
然后在每个脚本中,您可以添加这些行(在方便的地方):
# Include the common settings
. /etc/init.d/.commonStuff
前导点是“包含其他文件”指示器。
确保新文件受到保护(即由 root 拥有),并从中删除可执行标志,以明确它不打算单独执行。(访问权限不应超过 644)。
于 2014-10-23T21:12:07.003 回答
0
The files in /etc/init.d/ are pretty much all bash shell scripts. So this is a bit dirty but you could replace /bin/sh with a script but you have to be very careful how you do it so you don't bork your system in the process.
First create a file sh.wrap in the current directory with these contents:
#/bin/sh.real
ulimit -c unlimited
/bin/sh.real "$@"
Then install it like this:
chmod +x sh.wrap
sudo cp /bin/sh /bin/sh.real
sudo mv sh.wrap /bin/sh
This is a dirty hack but it could work for what you want to do.
I recommend you figure out why using /etc/security/limits.conf is not working for you and use this instead but I really hate "why would you do that?" answers.
于 2014-10-23T21:31:46.260 回答