Listek Consulting

Listek Consulting

309.319.6385
  • twitter
  • facebook
  • linkedin
  • Home
  • About
  • Services
  • Pricing
  • Testimonials
  • Articles
  • Contact Us

Sudo, Too Many Processes

Sudo, Too Many Processes

Overview

When you are setting up a new Linux computer (or an existing one that you have made changes on), you may run into the following error when attempting to elevate to “root” using “sudo”.

sudo: PERM_ROOT: setresuid(0, -1, -1): too many processes

I encountered this after a new Linux VPS was set up and I was attempting to run the following command (or really any “sudo” command):

sudo su -

Note: The above command allows you to get a root shell, even if you have root SSH access denied.

Resolution

The fix to this was to disable WHM Shell Fork Bomb Protection via the interface. The reason that you may not always see this is if your SSH session doesn’t quite hit the limits of allowed processes and lets you spawn one more for the “sudo” session. In my case, it would not, I just had too many processes.

Reference: https://documentation.cpanel.net/display/ALD/Shell+Fork+Bomb+Protection

Additional Details

To look a little more in depth about how you can tell if this is happening is to look at the ulimits yourself.

Below is an Unprivileged User with Shell Fork Bomb Protection Enabled, notice the Max User Processes capped at 35.

[email protected] [~]# ulimit -a
core file size          (blocks, -c) 200000
data seg size           (kbytes, -d) 200000
scheduling priority             (-e) 0
file size               (blocks, -f) unlimited
pending signals                 (-i) 1031091
max locked memory       (kbytes, -l) 64
max memory size         (kbytes, -m) 200000
open files                      (-n) 100
pipe size            (512 bytes, -p) 8
POSIX message queues     (bytes, -q) 819200
real-time priority              (-r) 0
stack size              (kbytes, -s) 8192
cpu time               (seconds, -t) unlimited
max user processes              (-u) 35
virtual memory          (kbytes, -v) unlimited
file locks                      (-x) unlimited

Below is the same user with Shell Fork Bomb Protection Disabled

[email protected] [~]# ulimit -a
core file size          (blocks, -c) 0
data seg size           (kbytes, -d) unlimited
scheduling priority             (-e) 0
file size               (blocks, -f) unlimited
pending signals                 (-i) 1031091
max locked memory       (kbytes, -l) 64
max memory size         (kbytes, -m) unlimited
open files                      (-n) 1024
pipe size            (512 bytes, -p) 8
POSIX message queues     (bytes, -q) 819200
real-time priority              (-r) 0
stack size              (kbytes, -s) 10240
cpu time               (seconds, -t) unlimited
max user processes              (-u) 1031091
virtual memory          (kbytes, -v) unlimited
file locks                      (-x) unlimited

 

Search

Testimonials

  • I worked with Adam as a consultant installing and configuring Altiris at Illinois State. Adam is extremely sharp and was using the product with considerable skill before my engagement was over. Since… read more →
    Stu Harris – ITAM Consulting Lead at ITS Partners
  • Adam never ceased to amaze me with his technical background. He proved to me on more than one occasion that his knowledge in IT is exceptional. More importantly, Adam is an excellent… read more →
    Chris Wanzung – IT Support Specialist at Young Innovations
  • Adam is an extremely focused, results driven individual who always ensures deadlines are met. In the time I spent working with Adam at Illinois State University, he was always extremely professional and… read more →
    Steve Koivisto – Manager, Information Technology at Horizon Pharma
  • Adam does nearly all of the on-site website optimization for my clients. We've been working together for almost a year now. He is incredibly competent in programming and web design. What distinguishes… read more →
    Chris Al-Aswad – Founder at Escape Into Life
back up
© Copyright 2021 Listek Consulting