Add support for 2 new resource limits. Thanks to Justin Bronder for the

patch. This was reported in the Debian bug #442334.
This only impact shadow when it is not compiled with PAM support.
v4.1.2.1
nekral-guest 15 years ago
parent 93acdeb8ff
commit 16285e6768
  1. 8
      ChangeLog
  2. 2
      NEWS
  3. 4
      etc/limits
  4. 20
      libmisc/limits.c
  5. 3
      man/limits.5.xml

@ -1,3 +1,11 @@
2007-10-27 Nicolas François <nicolas.francois@centraliens.net>
* libmisc/limits.c, man/limits.5.xml, etc/limits: Apply patch sent
by Justin Bronder <jsbronder@gmail.com>. See Debian bug #442334.
This adds support to 2 new resource limits: max nice value, and
max real time priority. This is only used when shadow is not
compiled with PAM support.
2007-10-27 Nicolas François <nicolas.francois@centraliens.net>
* man/gpasswd.1.xml: Describe the options separately in the

@ -11,6 +11,8 @@ shadow-4.0.18.1 -> shadow-4.0.18.2 13-10-2007
after close /etc/{group,passwd} files,
- su: If compiled without PAM support, enforce the limits from /etc/limits
when one of the -, -l, or --login options is set, even if called by root.
- limits: Support for 2 new resource limits: max nice value, and max real
time priority. The resource limits are not used when compiled with PAM.
*** documentation:
- updated translations: fi, ja, nl, tl, zh_CN.
- groupadd.8, groupmod.8, login.1, useradd.8, userdel.8, usermod.8: grammar

@ -18,10 +18,12 @@
# T: max CPU time (MIN)
# U: max number of processes
# L: max number of logins for this user
# I: max nice value (0..39 translates to 20..-19)
# O: max real time priority (0..MAX_RT_PRIO)
#
# Examples:
# the default entry
#* L2 D6144 R2048 S2048 U32 N32 F16384 T5 C0
#* L2 D6144 R2048 S2048 U32 N32 F16384 T5 C0 I20 O0
# another way of suspending a user login
#guest L0
# this account has no limits

@ -169,7 +169,7 @@ static int check_logins (const char *name, const char *maxlogins)
* by Cristian Gafton - gafton@sorosis.ro
*
* We are passed a string of the form ('BASH' constants for ulimit)
* [Aa][Cc][Dd][Ff][Mm][Nn][Rr][Ss][Tt][Uu][Ll][Pp]
* [Aa][Cc][Dd][Ff][Mm][Nn][Rr][Ss][Tt][Uu][Ll][Pp][Ii][Oo]
* (eg. 'C2F256D2048N5' or 'C2 F256 D2048 N5')
* where:
* [Aa]: a = RLIMIT_AS max address space (KB)
@ -185,6 +185,8 @@ static int check_logins (const char *name, const char *maxlogins)
* [Kk]: k = file creation masK (umask)
* [Ll]: l = max number of logins for this user
* [Pp]: p = process priority -20..20 (negative = high, positive = low)
* [Ii]: i = RLIMIT_NICE max nice value (0..39 translates to 20..-19)
* [Oo]: o = RLIMIT_RTPRIO max real time priority (linux/sched.h 0..MAX_RT_PRIO)
*
* Return value:
* 0 = okay, of course
@ -272,6 +274,20 @@ static int do_user_limits (const char *buf, const char *name)
/* RLIMIT_STACK - max stack size (KB) */
retval |= setrlimit_value (RLIMIT_STACK, pp, 1024);
break;
#endif
#ifdef RLIMIT_NICE
case 'i':
case 'I':
/* RLIMIT_NICE - max scheduling priority (0..39) */
retval |= setrlimit_value (RLIMIT_NICE, pp, 1);
break;
#endif
#ifdef RLIMIT_RTPRIO
case 'o':
case 'O':
/* RLIMIT_RTPRIO - max real time priority (0..MAX_RT_PRIO) */
retval |= setrlimit_value (RLIMIT_RTPRIO, pp, 1);
break;
#endif
case 'k':
case 'K':
@ -328,7 +344,7 @@ static int setup_user_limits (const char *uname)
* Imposing a limit should be done with care, so a wrong
* entry means no care anyway :-). A '-' as a limits
* strings means no limits --cristiang */
if (sscanf (buf, "%s%[ACDFMNRSTULPacdfmnrstulp0-9 \t-]",
if (sscanf (buf, "%s%[ACDFMNRSTULPIOacdfmnrstulpio0-9 \t-]",
name, tempbuf) == 2) {
if (strcmp (name, uname) == 0) {
strcpy (limits, tempbuf);

@ -64,6 +64,9 @@
<refentrytitle>setpriority</refentrytitle><manvolnum>2</manvolnum>
</citerefentry>.</para>
</listitem>
<listitem><para>I: max nice value (0..39 which translates to
20..-19)</para></listitem>
<listitem><para>O: max real time priority</para></listitem>
</itemizedlist>
<para>

Loading…
Cancel
Save