Linux – ny use for RLIMIT_NICE

linuxnicepriorityulimit

I am using prlimit in Ubuntu to do some resource restrictions in my sandbox which has been very helpful. However, I am not quite sure what to do with RLIMIT_NICE. The docs say:

RLIMIT_NICE (since Linux 2.6.12, but see BUGS below)
Specifies a ceiling to which the process's nice value can be
raised using setpriority(2) or nice(2).

However, according to getpriority(2), a process can raise it's nice value only if owned by a superuser in the first place. But if this is the case, the RLIMIT_NICE value is not going to add too any functionality because a privileged user can arbitrarily lower or higher RLIMIT values anyway.

So I don't understand how to use or interpret RLIMIT_NICE. For non-privileged users the entire thing seems useless because they cannot raise priority in the first place, and it makes no sense to set it below the current priority. However for superusers it doesn't really add anything either because the nice, and RLIMIT_NICE soft- and hard limits can arbitrarily be raised.

So what is the idea behind RLIMIT_NICE ?

Best Answer

In fact, RLIMIT_NICE allows you to bypass the basic rule that says that "a process can raise its nice value only if owned by root".

Demonstration:

# ulimit -e 30
# su nobody
$ nice -n -10 top

You will see that your top process runs with niceness -10.

Now if you try nice -n -11 top, it will run with niceness 0, because -11 is not allowed by RLIMIT_NICE=30.

The formula is given in the manpage: the maximal niceness allowed is 20-rlimit. So:

  • 0 means "you can raise niceness to 20", a.k.a. useless;
  • 20 means "you can raise niceness to 0", which lets you go back to 0 if you lowered your priority;
  • 40 means "you can start processes up to nice -n -20.
Related Question