Current Path : /usr/src/crypto/heimdal/appl/rsh/ |
FreeBSD hs32.drive.ne.jp 9.1-RELEASE FreeBSD 9.1-RELEASE #1: Wed Jan 14 12:18:08 JST 2015 root@hs32.drive.ne.jp:/sys/amd64/compile/hs32 amd64 |
Current File : //usr/src/crypto/heimdal/appl/rsh/limits_conf.c |
/* * Copyright (c) 2005 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #include "login_locl.h" RCSID("$Id: limits_conf.c 19215 2006-12-04 23:41:18Z lha $"); #include <errno.h> #include <limits.h> #ifdef HAVE_SYS_RESOURCE_H #include <sys/resource.h> #endif struct limit { const char *name; int resource; int scale; int has_limit; struct rlimit limit; } limits[] = { #define LIM(X, S) { #X, RLIMIT_##X, S, 0 } LIM(CORE, 1024), LIM(CPU, 60), LIM(DATA, 1024), LIM(FSIZE, 1024), #ifdef RLIMIT_MEMLOCK LIM(MEMLOCK, 1024), #endif LIM(NOFILE, 1), #ifdef RLIMIT_NPROC LIM(NPROC, 1), #endif #ifdef RLIMIT_RSS LIM(RSS, 1024), #endif LIM(STACK, 1024), #ifdef RLIMIT_AS LIM(AS, 1024), #endif #ifdef RLIMIT_LOCKS LIM(LOCKS, 1), #endif /* maxlogins priority */ { NULL, 0 } }; static struct limit * find_limit(const char *name) { struct limit *l; for(l = limits; l->name != NULL; l++) if(strcasecmp(name, l->name) == 0) return l; return NULL; } /* this function reads limits.conf files similar to pam_limits unimplemented features include: % maxlogins "-" no limits, priorities etc that are not set via setrlimit XXX uses static storage, and clobbers getgr* */ int read_limits_conf(const char *file, const struct passwd *pwd) { FILE *f; char *args[4]; int lineno = 0; char buf[1024]; struct limit *l; rlim_t value; f = fopen(file, "r"); if(f == NULL) { if(errno != ENOENT && errno != ENOTDIR) syslog(LOG_ERR, "%s: %m", file); return -1; } while(fgets(buf, sizeof(buf), f) != NULL) { char *last = NULL; char *end = NULL; int level; lineno++; if(buf[0] == '\0') { syslog(LOG_ERR, "%s: line %d: NUL character", file, lineno); continue; } if(buf[strlen(buf) - 1] != '\n') { /* file did not end with a newline, figure out if we're at the EOF, or if our buffer was too small */ int eof = 1; int c; while((c = fgetc(f)) != EOF) { eof = 0; if(c == '\n') break; } if(!eof) { syslog(LOG_ERR, "%s: line %d: line too long", file, lineno); continue; } } buf[strcspn(buf, "#\r\n")] = '\0'; if((args[0] = strtok_r(buf, " \t", &last)) == NULL || (args[1] = strtok_r(NULL, " \t", &last)) == NULL || (args[2] = strtok_r(NULL, " \t", &last)) == NULL || (args[3] = strtok_r(NULL, " \t", &last)) == NULL) { if(args[0] != NULL) /* this would include comment lines */ syslog(LOG_ERR, "%s: line %d: malformed line", file, lineno); continue; } l = find_limit(args[2]); if(l == NULL) { syslog(LOG_ERR, "%s: line %d: unknown limit %s", file, lineno, args[2]); continue; } if(strcmp(args[3], "-") == 0) { value = RLIM_INFINITY; } else { errno = 0; value = strtol(args[3], &end, 10); if(*end != '\0') { syslog(LOG_ERR, "%s: line %d: bad value %s", file, lineno, args[3]); continue; } if((value == LONG_MIN || value == LONG_MAX) && errno == ERANGE) { syslog(LOG_ERR, "%s: line %d: bad value %s", file, lineno, args[3]); continue; } if(value * l->scale < value) value = RLIM_INFINITY; else value *= l->scale; } level = 0; /* XXX unclear: if you set group hard and user soft limit, should the hard limit still apply? this code doesn't. */ if(strcmp(args[0], pwd->pw_name) == 0) level = 3; if(*args[0] == '@') { struct group *gr; gr = getgrnam(args[0] + 1); if(gr != NULL && gr->gr_gid == pwd->pw_gid) level = 2; } if(strcmp(args[0], "*") == 0) level = 1; if(level == 0 || level < l->has_limit) /* not for us */ continue; if(l->has_limit < level) { if(getrlimit(l->resource, &l->limit) < 0) continue; l->has_limit = level; } /* XXX unclear: if you soft to more than default hard, should we set hard to soft? this code doesn't. */ if(strcasecmp(args[1], "soft") == 0 || strcmp(args[1], "-") == 0) l->limit.rlim_cur = value; if(strcasecmp(args[1], "hard") == 0 || strcmp(args[1], "-") == 0) l->limit.rlim_max = value; } fclose(f); for(l = limits; l->name != NULL; l++) { if(l->has_limit) { if(l->limit.rlim_cur > l->limit.rlim_max) l->limit.rlim_cur = l->limit.rlim_max; if(setrlimit(l->resource, &l->limit) != 0) syslog(LOG_ERR, "setrlimit RLIM_%s failed: %m", l->name); } l->has_limit = 0; } return 0; }