Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
freebsd
GitHub Repository: freebsd/freebsd-src
 Path: blob/main/crypto/heimdal/appl/rsh/limits_conf.c
34878 views
1
/*

2
 * Copyright (c) 2005 Kungliga Tekniska Högskolan

3
 * (Royal Institute of Technology, Stockholm, Sweden).

4
 * All rights reserved.

5
 *

6
 * Redistribution and use in source and binary forms, with or without

7
 * modification, are permitted provided that the following conditions

8
 * are met:

9
 *

10
 * 1. Redistributions of source code must retain the above copyright

11
 *    notice, this list of conditions and the following disclaimer.

12
 *

13
 * 2. Redistributions in binary form must reproduce the above copyright

14
 *    notice, this list of conditions and the following disclaimer in the

15
 *    documentation and/or other materials provided with the distribution.

16
 *

17
 * 3. Neither the name of the Institute nor the names of its contributors

18
 *    may be used to endorse or promote products derived from this software

19
 *    without specific prior written permission.

20
 *

21
 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND

22
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

23
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

24
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE

25
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

26
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS

27
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

28
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT

29
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY

30
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

31
 * SUCH DAMAGE.

32
 */

33


34
#include "login_locl.h"

35


36
RCSID("$Id$");

37


38
#include <errno.h>

39
#include <limits.h>

40
#ifdef HAVE_SYS_RESOURCE_H

41
#include <sys/resource.h>

42
#endif

43


44
struct limit {

45
    const char *name;

46
    int resource;

47
    int scale;

48
    int has_limit;

49
    struct rlimit limit;

50
} limits[] = {

51
#define LIM(X, S) { #X, RLIMIT_##X, S, 0 }

52
    LIM(CORE, 1024),

53
    LIM(CPU, 60),

54
    LIM(DATA, 1024),

55
    LIM(FSIZE, 1024),

56
#ifdef RLIMIT_MEMLOCK

57
    LIM(MEMLOCK, 1024),

58
#endif

59
    LIM(NOFILE, 1),

60
#ifdef RLIMIT_NPROC

61
    LIM(NPROC, 1),

62
#endif

63
#ifdef RLIMIT_RSS

64
    LIM(RSS, 1024),

65
#endif

66
    LIM(STACK, 1024),

67


68
#ifdef RLIMIT_AS

69
    LIM(AS, 1024),

70
#endif

71
#ifdef RLIMIT_LOCKS

72
    LIM(LOCKS, 1),

73
#endif

74
    /*

75
      maxlogins

76
      priority

77
    */

78
    { NULL, 0 }

79
};

80


81
static struct limit *

82
find_limit(const char *name)

83
{

84
    struct limit *l;

85
    for(l = limits; l->name != NULL; l++)

86
	if(strcasecmp(name, l->name) == 0)

87
	    return l;

88
    return NULL;

89
}

90


91
/* this function reads limits.conf files similar to pam_limits

92
   unimplemented features include:

93
   	% maxlogins

94
	"-" no limits,

95
	priorities etc that are not set via setrlimit

96
   XXX uses static storage, and clobbers getgr*

97
*/

98


99
int

100
read_limits_conf(const char *file, const struct passwd *pwd)

101
{

102
    FILE *f;

103
    char *args[4];

104
    int lineno = 0;

105
    char buf[1024];

106
    struct limit *l;

107
    rlim_t value;

108


109
    f = fopen(file, "r");

110
    if(f == NULL) {

111
	if(errno != ENOENT && errno != ENOTDIR)

112
	    syslog(LOG_ERR, "%s: %m", file);

113
	return -1;

114
    }

115


116
    while(fgets(buf, sizeof(buf), f) != NULL) {

117
	char *last = NULL;

118
	char *end = NULL;

119
	int level;

120


121
	lineno++;

122


123
	if(buf[0] == '\0') {

124
	    syslog(LOG_ERR, "%s: line %d: NUL character", file, lineno);

125
	    continue;

126
	}

127
	if(buf[strlen(buf) - 1] != '\n') {

128
	    /* file did not end with a newline, figure out if we're at

129
               the EOF, or if our buffer was too small */

130
	    int eof = 1;

131
	    int c;

132
	    while((c = fgetc(f)) != EOF) {

133
		eof = 0;

134
		if(c == '\n')

135
		    break;

136
	    }

137
	    if(!eof) {

138
		syslog(LOG_ERR, "%s: line %d: line too long", file, lineno);

139
		continue;

140
	    }

141
	}

142
	buf[strcspn(buf, "#\r\n")] = '\0';

143
	if((args[0] = strtok_r(buf, " \t", &last)) == NULL ||

144
	   (args[1] = strtok_r(NULL, " \t", &last)) == NULL ||

145
	   (args[2] = strtok_r(NULL, " \t", &last)) == NULL ||

146
	   (args[3] = strtok_r(NULL, " \t", &last)) == NULL) {

147
	    if(args[0] != NULL) /* this would include comment lines */

148
		syslog(LOG_ERR, "%s: line %d: malformed line", file, lineno);

149
	    continue;

150
	}

151


152
	l = find_limit(args[2]);

153
	if(l == NULL) {

154
	    syslog(LOG_ERR, "%s: line %d: unknown limit %s", file, lineno, args[2]);

155
	    continue;

156
	}

157
	if(strcmp(args[3], "-") == 0) {

158
	    value = RLIM_INFINITY;

159
	} else {

160
	    errno = 0;

161
	    value = strtol(args[3], &end, 10);

162
	    if(*end != '\0') {

163
		syslog(LOG_ERR, "%s: line %d: bad value %s", file, lineno, args[3]);

164
		continue;

165
	    }

166
	    if((value == LONG_MIN || value == LONG_MAX) && errno == ERANGE) {

167
		syslog(LOG_ERR, "%s: line %d: bad value %s", file, lineno, args[3]);

168
		continue;

169
	    }

170
	    if(value * l->scale < value)

171
		value = RLIM_INFINITY;

172
	    else

173
		value *= l->scale;

174
	}

175
	level = 0;

176
	/* XXX unclear: if you set group hard and user soft limit,

177
           should the hard limit still apply? this code doesn't. */

178
	if(strcmp(args[0], pwd->pw_name) == 0)

179
	    level = 3;

180
	if(*args[0] == '@') {

181
	    struct group *gr;

182
	    gr = getgrnam(args[0] + 1);

183
	    if(gr != NULL && gr->gr_gid == pwd->pw_gid)

184
		level = 2;

185
	}

186
	if(strcmp(args[0], "*") == 0)

187
	    level = 1;

188
	if(level == 0 || level < l->has_limit) /* not for us */

189
	    continue;

190
	if(l->has_limit < level) {

191
	    if(getrlimit(l->resource, &l->limit) < 0)

192
		continue;

193
	    l->has_limit = level;

194
	}

195


196
	/* XXX unclear: if you soft to more than default hard, should

197
           we set hard to soft? this code doesn't. */

198
	if(strcasecmp(args[1], "soft") == 0 || strcmp(args[1], "-") == 0)

199
	    l->limit.rlim_cur = value;

200
	if(strcasecmp(args[1], "hard") == 0 || strcmp(args[1], "-") == 0)

201
	    l->limit.rlim_max = value;

202
    }

203
    fclose(f);

204
    for(l = limits; l->name != NULL; l++) {

205
	if(l->has_limit) {

206
	    if(l->limit.rlim_cur > l->limit.rlim_max)

207
		l->limit.rlim_cur = l->limit.rlim_max;

208
	    if(setrlimit(l->resource, &l->limit) != 0)

209
		syslog(LOG_ERR, "setrlimit RLIM_%s failed: %m", l->name);

210
	}

211
	l->has_limit = 0;

212
    }

213
    return 0;

214
}

215


216