[one-users] Issue with picking up proper ulimits during contextualization

Richard Bettridge rbettridge at blackberry.com
Mon Jul 29 09:16:25 PDT 2013 

Thanks, I did try sudo with those args instead of su with no luck. I also put the ulimit in /etc/profile outside of the if statements all together with no luck. Pretty confused, possible I'm over looking something obvious.

In the mean time my colleague added ulimits in init.sh of our contextualization and that seems to have actually worked. Not sure if I like that as a solution permanently however.

I think I should continue to do some investigation, I'll mess around in one of our labs and see if I can document the changes and results for each suggestion.

Thanks,


Richard

From: users-bounces at lists.opennebula.org [mailto:users-bounces at lists.opennebula.org] On Behalf Of Jaime Melis
Sent: Monday, July 29, 2013 9:30 AM
To: Jon
Cc: users at lists.opennebula.org
Subject: Re: [one-users] Issue with picking up proper ulimits during contextualization

Hi Richard,

did you manage to get it working?

regards,
Jaime

On Fri, Jul 26, 2013 at 3:00 PM, Jon <three18ti at gmail.com<mailto:three18ti at gmail.com>> wrote:
Hello Richard,

What you are running into is the difference between an interactive shell (e.g. an ssh session) and a non-interactive shell (e.g. a startup shell).  [Depending on the distro] A default profile will check if your shell is interactive, and if so, load bashrc.

>From the first line of my /etc/profile (ubuntu 13.04):

>> if [ "$PS1" ]; then

So when your context script is executed, your .bashrc is never loaded.

In the past, I've had trouble with upstart jobs not starting Catalyst websites properly because the environment variables weren't being loaded.  The solution there was to use sudo instead of sudo:

Instead of
>> su foo -l -c starman /some/app.psgi

I used:
>> sudo -u foo -i starman /some/app.psgi

Also, I recently ran into something similar in my day job, where I was attempting to execute a script over ssh:

>> ssh root at hostname sudo somescript.pl<http://somescript.pl>

The problem I was running into was the environment variables were not being loaded (because the shell detected it was running non-interactively), so I invoked bash directly, which loaded the environment variables, so my ssh command became:

>> ssh -t x0319t62 '/usr/bin/bash -l -c "/usr/local/bin/sudo -u foo /path/to/somescript.pl<http://somescript.pl> "'

As Tino said, adding your directives to /etc/profile would cause them to be loaded whenever someone logs in.  Based on your e-mail, I don't think that's exactly what you are looking for (correct me if I'm wrong), so I think one of the above solutions might work for you.

e.g.:

Instead of:
>> su tomcatA -l -c "/var/jakarta-tomcatA/bin/startup.sh"

try:
>> sudo -u tomcatA -i "/var/jakarta-tomcatA/bin/startup.sh"

or:
>> bash -l -c 'sudo tomcatA -l "/var/jakarta-tomcatA/bin/startup.sh"'

Anyway, hope that helps.

Best Regards,
Jon A

On Fri, Jul 26, 2013 at 11:43 AM, Richard Bettridge <rbettridge at blackberry.com<mailto:rbettridge at blackberry.com>> wrote:
I'll give it a shot, still a little confused about why it doesn't work in the contextualization's shell but works with an ssh login.  Kind of new at this stuff.


Richard


-----Original Message-----
From: Tino Vazquez [mailto:cvazquez at c12g.com<mailto:cvazquez at c12g.com>]
Sent: Friday, July 26, 2013 12:40 PM
To: Richard Bettridge
Cc: users at lists.opennebula.org<mailto:users at lists.opennebula.org>
Subject: Re: [one-users] Issue with picking up proper ulimits during contextualization

Hi Richard,

Reading .bashrc with 'su' (even with -l) can be sometimes a difficult
task. Any chance of setting it in /etc/profile?

Regards,

-Tino
--
Constantino Vázquez Blanco, PhD, MSc
Senior Infrastructure Architect at C12G Labs
www.c12g.com<http://www.c12g.com> | @C12G | es.linkedin.com/in/tinova<http://es.linkedin.com/in/tinova>

--
Confidentiality Warning: The information contained in this e-mail and
any accompanying documents, unless otherwise expressly indicated, is
confidential and privileged, and is intended solely for the person
and/or entity to whom it is addressed (i.e. those identified in the
"To" and "cc" box). They are the property of C12G Labs S.L..
Unauthorized distribution, review, use, disclosure, or copying of this
communication, or any part thereof, is strictly prohibited and may be
unlawful. If you have received this e-mail in error, please notify us
immediately by e-mail at abuse at c12g.com<mailto:abuse at c12g.com> and delete the e-mail and
attachments and any copy from your system. C12G thanks you for your
cooperation.


On Fri, Jul 26, 2013 at 5:11 PM, Richard Bettridge
<rbettridge at blackberry.com<mailto:rbettridge at blackberry.com>> wrote:
> Hey,
>
>
>
> I'm having an issue where the ulimit for open files isn't being set properly
> when I spin up a process for a user during contextualization.
>
>
>
> Upon start up of the non-persistent ubuntu 12 image, I am setting
> limits.conf to what I want and I'm explicitly adding ulimit -n 65536 to the
> user's .bashrc. However at the end of my 90_tomcat script when I execute the
> tomcat process the ulimit is not being picked up and is set to 1024 instead
>
>
>
> As a test in my 90_tomcat script I'm running ulimit -a >> /tmp/tomcatsu.txt
>
>
>
> root at host002:/mnt# cat 90_tomcat |grep "su tomcatA"
>
> su tomcatA -l -c "ulimit -a >> /tmp/tomcatsu.txt"
>
>
>
>
>
> So this gets run at the end of 90_tomcat:
>
> su tomcatA -l -c "ulimit -a >> /tmp/tomcatsu.txt"
>
> su tomcatA -l -c "/var/jakarta-tomcatA/bin/startup.sh"
>
>
>
> When I cat the txt file it says 1024:
>
>
>
> root at host002:/etc/pam.d# cat /tmp/tomcatsu.txt |grep open
>
> open files                      (-n) 1024
>
>
>
> But when I log in manually as root and run /mnt/90_tomcat by hand I end up
> getting the proper ulimit:
>
>
>
> root at host002:/etc/pam.d# cat /tmp/tomcatsu.txt |grep open
>
> open files                      (-n) 65536
>
>
>
>
>
> Not sure what the issue but I'd appreciate any input.
>
>
>
> Thanks,
>
>
>
>
>
> Richard Bettridge
>
> Systems Engineering Specialist
> BlackBerry
>
>
>
> ---------------------------------------------------------------------
> This transmission (including any attachments) may contain confidential
> information, privileged material (including material protected by the
> solicitor-client or other applicable privileges), or constitute non-public
> information. Any use of this information by anyone other than the intended
> recipient is prohibited. If you have received this transmission in error,
> please immediately reply to the sender and delete this information from your
> system. Use, dissemination, distribution, or reproduction of this
> transmission by unintended recipients is not authorized and may be unlawful.
>
> _______________________________________________
> Users mailing list
> Users at lists.opennebula.org<mailto:Users at lists.opennebula.org>
> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>

---------------------------------------------------------------------
This transmission (including any attachments) may contain confidential information, privileged material (including material protected by the solicitor-client or other applicable privileges), or constitute non-public information. Any use of this information by anyone other than the intended recipient is prohibited. If you have received this transmission in error, please immediately reply to the sender and delete this information from your system. Use, dissemination, distribution, or reproduction of this transmission by unintended recipients is not authorized and may be unlawful.
_______________________________________________
Users mailing list
Users at lists.opennebula.org<mailto:Users at lists.opennebula.org>
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org


_______________________________________________
Users mailing list
Users at lists.opennebula.org<mailto:Users at lists.opennebula.org>
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org



--
Join us at OpenNebulaConf2013<http://opennebulaconf.com/> in Berlin, 24-26 September, 2013
--
Jaime Melis
Project Engineer
OpenNebula - The Open Source Toolkit for Cloud Computing
www.OpenNebula.org<http://www.OpenNebula.org> | jmelis at opennebula.org<mailto:jmelis at opennebula.org>

---------------------------------------------------------------------
This transmission (including any attachments) may contain confidential information, privileged material (including material protected by the solicitor-client or other applicable privileges), or constitute non-public information. Any use of this information by anyone other than the intended recipient is prohibited. If you have received this transmission in error, please immediately reply to the sender and delete this information from your system. Use, dissemination, distribution, or reproduction of this transmission by unintended recipients is not authorized and may be unlawful.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opennebula.org/pipermail/users-opennebula.org/attachments/20130729/8ebb6d2a/attachment-0002.htm>

More information about the Users mailing list