Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

SOLVED Error running command as another user

Discussion in 'General Discussion' started by oscarenzo, Jan 18, 2017.

  1. oscarenzo

    oscarenzo Active Member

    Joined:
    Nov 16, 2011
    Messages:
    28
    Likes Received:
    2
    Trophy Points:
    53
    cPanel Access Level:
    Root Administrator
    Hello

    I've a cpanel WHM 60.0 (build 34) with centos 6 and have a problem, I use xymon for monitoring some process, the script basically run as xymon using sudo for do queries to exim, like:

    exim -bpr, exim -bpc, etc

    I configured sudoers and if I run manually the command su xymon -c "command" run as well, but when the script run in background now work and in my log show this error message:

    sudo: PERM_ROOT: setresuid(0, -1, -1): too many processes
    sudo: PERM_ROOT: setresuid(0, -1, -1): too many processes

    I come from centos 5 and not have a problems, in some forums and blogs see that disabling the cpanel shell fork bomb protection is solved but I prefer not, are there some way to increment the limit or apply some exception to this user?

    Thank you.
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,658
    Likes Received:
    1,425
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Discussion on the manual modification of the settings that Shell Fork Bomb Protection enables is found at:

    The purpose of /etc/profile.d/limit.sh

    Otherwise, you'd need to disable Shell Fork Bomb Protection to prevent this from happening.

    Thank you.
     
    GilbertoArias likes this.
  3. oscarenzo

    oscarenzo Active Member

    Joined:
    Nov 16, 2011
    Messages:
    28
    Likes Received:
    2
    Trophy Points:
    53
    cPanel Access Level:
    Root Administrator
    Thank you MIchael, I've edited the file of this way:

    Code:
    #cPanel Added Limit Protections -- BEGIN
    
    #unlimit so we can run the whoami
    ulimit -n 4096 -u 14335 -m unlimited -d unlimited -s 8192 -c 1000000 -v unlimited 2>/dev/null
    
    LIMITUSER=$USER
    if [ -e "/usr/bin/whoami" ]; then
            LIMITUSER=`/usr/bin/whoami`
    fi
    #Custom   Part for xymon exim queue check
    if [ "$LIMITUSER" == "xymon" ]; then
           ulimit -n 100 -u 70 -m 200000 -d 200000 -s 8192 -c 200000 -v unlimited 2>/dev/null
    elif [ "$LIMITUSER" != "root" ]; then
            ulimit -n 100 -u 35 -m 200000 -d 200000 -s 8192 -c 200000 -v unlimited 2>/dev/null
    else
           ulimit -n 4096 -u 14335 -m unlimited -d unlimited -s 8192 -c 1000000 -v unlimited 2>/dev/null
    fi
    #cPanel Added Limit Protections -- END
    But still showing the problem, need to edit the file limits.csh also?, then when run ulimit with this user have unlimited yet without do some modification:
    Code:
    [root@xxx profile.d]# su xymon -c "ulimit -a"
    core file size          (blocks, -c) 1000000
    data seg size           (kbytes, -d) unlimited
    scheduling priority             (-e) 0
    file size               (blocks, -f) unlimited
    pending signals                 (-i) 63398
    max locked memory       (kbytes, -l) 64
    max memory size         (kbytes, -m) unlimited
    open files                      (-n) 4096
    pipe size            (512 bytes, -p) 8
    POSIX message queues     (bytes, -q) 819200
    real-time priority              (-r) 0
    stack size              (kbytes, -s) 8192
    cpu time               (seconds, -t) unlimited
    max user processes              (-u) 1024
    virtual memory          (kbytes, -v) unlimited
    file locks                      (-x) unlimited
    
    thank you.
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,658
    Likes Received:
    1,425
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    I have seen previous threads where users also needed to adjust the limits.csh file. Let us know if that helps.

    Thank you.
     
  5. GilbertoArias

    GilbertoArias Registered

    Joined:
    Sep 3, 2017
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    mex
    cPanel Access Level:
    Reseller Owner
    EXCELLENT RECOMMENDATION, WORKS FOR ME ;-) I "disable Shell Fork Bomb Protection " just for a time in order to use Transfer tool.
     
Loading...

Share This Page