From nobody@FreeBSD.org  Sat Oct  8 19:53:43 2011
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 1B25B106564A
	for <freebsd-gnats-submit@FreeBSD.org>; Sat,  8 Oct 2011 19:53:43 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from red.freebsd.org (red.freebsd.org [IPv6:2001:4f8:fff6::22])
	by mx1.freebsd.org (Postfix) with ESMTP id 0B2D78FC15
	for <freebsd-gnats-submit@FreeBSD.org>; Sat,  8 Oct 2011 19:53:43 +0000 (UTC)
Received: from red.freebsd.org (localhost [127.0.0.1])
	by red.freebsd.org (8.14.4/8.14.4) with ESMTP id p98Jrgcr091546
	for <freebsd-gnats-submit@FreeBSD.org>; Sat, 8 Oct 2011 19:53:42 GMT
	(envelope-from nobody@red.freebsd.org)
Received: (from nobody@localhost)
	by red.freebsd.org (8.14.4/8.14.4/Submit) id p98Jrgh8091532;
	Sat, 8 Oct 2011 19:53:42 GMT
	(envelope-from nobody)
Message-Id: <201110081953.p98Jrgh8091532@red.freebsd.org>
Date: Sat, 8 Oct 2011 19:53:42 GMT
From: Mathieu <sigsys@gmail.com>
To: freebsd-gnats-submit@FreeBSD.org
Subject: have service(8) run scripts with the same resource limits as init(8)
X-Send-Pr-Version: www-3.1
X-GNATS-Notify:

>Number:         161401
>Category:       bin
>Synopsis:       [patch] have service(8) run scripts with the same resource limits as init(8)
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Sat Oct 08 20:00:04 UTC 2011
>Closed-Date:    
>Last-Modified:  Mon Oct 10 05:09:55 UTC 2011
>Originator:     Mathieu
>Release:        8.2-STABLE r225884M
>Organization:
>Environment:
>Description:
init(8) runs /etc/rc (and /etc/rc.shutdown) with the resource limits of the "daemon" class. But starting/restarting a service with service(8) will lose those limits and the service will inherit the limits of the user issuing the command.

This feature doesn't seem well documented, but still I think it would make sense for service to do the same thing as init.

>How-To-Repeat:

>Fix:
Index: usr.sbin/service/service.sh
===================================================================
--- usr.sbin/service/service.sh	(revision 225884)
+++ usr.sbin/service/service.sh	(working copy)
@@ -110,7 +110,7 @@
 for dir in /etc/rc.d $local_startup; do
 	if [ -x "$dir/$script" ]; then
 		[ -n "$VERBOSE" ] && echo "$script is located in $dir"
-		exec env -i HOME=/ PATH=/sbin:/bin:/usr/sbin:/usr/bin $dir/$script $*
+		exec limits -C daemon -E HOME=/ PATH=/sbin:/bin:/usr/sbin:/usr/bin $dir/$script $*
 	fi
 done
 

>Release-Note:
>Audit-Trail:
>Unformatted:
