Package: and Version: 1.2.2-4.1 Severity: normal Hi..
I just switched from reniced to and, and must say that it is wonderful, simple but flexible tool! I have small suggestion. and can be started by normal user, and there is nothing wrong with it, as beyond administrator, some users can prioritize they computations and other tasks for some reasons. Also users can renice own tasks without problem. And and is perfect for this task. It actually fits nicely to the fact that and never increases priorities, exactly the same way normal users cannot by itself increase nice level beyond what limit they have. It would be great if when started as non-root user, and will completely ignore tasks, (column user in configuration fill should still be respected thought), and do not attempt to renice them under any possibility. They will not even enter into matching process (beyond determining if we want to skip them, of course) to make it even simpler. Maybe there is even faster way to read tasks of one user, than filtering. (of course user cannot change nice level of other users, so it do not change behavior as is, but is a waste of resources, [consider VERY BIG server with thousands of jobs], and also can be a problem with someone wants to audit system calls, and look what is going - and started by such user will generate lots of renice errors in system logs) Also for this reasons I think that -c and -d , options should be mandatory, and not defaulted to /etc/and.* files. This isn't problem as it is a simple change to initscript. And will make user not use system wide files by accident. (they still can, by for example using system and.conf, but own and.priorities, but need to do this explicitly). Hiding tool in /usr/sbin/ do not help in any way. Much better way would be to make a special group, which wil own /usr/sbin/and, and users of this group will only have right to run it. But this is unneeded, as user normally do no have right to increase priority, even by them itself. So this tool by itself cannot undo policies set by system wide and. There are situations where user can increase priorities of own process, but this only happens if it was added to /etc/limits/security.conf with explicit nice limit (possibly negative). But if such entry is present, then anyway user can write own script which will perform reniceing, and even removing renice binary will not help here, are there are ways to do this. And if we added him or his group to security.conf with such nice entry, then apparently administrator knows what he is doing, and allows for this. What do you think? it is simple change. Thanks. -- System Information: Debian Release: 6.0 APT prefers stable APT policy: (500, 'stable'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.32-5-686 (SMP w/1 CPU core) Locale: LANG=pl_PL.utf8, LC_CTYPE=pl_PL.utf8 (charmap=UTF-8) (ignored: LC_ALL set to pl_PL.utf8) Shell: /bin/sh linked to /bin/dash Versions of packages and depends on: ii libc6 2.11.2-11 Embedded GNU C Library: Shared lib and recommends no packages. and suggests no packages. -- Configuration Files: /etc/and.priorities changed [not included] -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
