annotate src/lib/restrict-process-size.c @ 9191:b340ecb24469 HEAD

Fix VPATH build of RQUOTA support. Some rpcgen derive #include "..." paths from the infile argument. This will be off for VPATH builds, as the generated rquota_xdr.c code will look in $(srcdir), but we'll generate the rquota.h file in $(builddir). Play safe and copy rquota.x to $(builddir) first. This fixes the build on openSUSE 11.1.
author Matthias Andree <matthias.andree@gmx.de>
date Tue, 07 Jul 2009 21:01:36 +0200
parents b9faf4db2a9f
children 00cd9aacd03c
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
8590
b9faf4db2a9f Updated copyright notices to include year 2009.
Timo Sirainen <tss@iki.fi>
parents: 8013
diff changeset
1 /* Copyright (c) 2002-2009 Dovecot authors, see the included COPYING file */
722
0438621d25ff Added virtual memory size limits to processes. Default values are pretty
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
2
0438621d25ff Added virtual memory size limits to processes. Default values are pretty
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
3 #include "lib.h"
0438621d25ff Added virtual memory size limits to processes. Default values are pretty
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
4 #include "restrict-process-size.h"
0438621d25ff Added virtual memory size limits to processes. Default values are pretty
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
5
0438621d25ff Added virtual memory size limits to processes. Default values are pretty
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
6 #include <unistd.h>
0438621d25ff Added virtual memory size limits to processes. Default values are pretty
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
7
6411
6a64e64fa3a3 Renamed __attr_*__ to ATTR_*. Renamed __attrs_used__ to ATTRS_DEFINED.
Timo Sirainen <tss@iki.fi>
parents: 6395
diff changeset
8 void restrict_process_size(unsigned int size ATTR_UNUSED,
6a64e64fa3a3 Renamed __attr_*__ to ATTR_*. Renamed __attrs_used__ to ATTRS_DEFINED.
Timo Sirainen <tss@iki.fi>
parents: 6395
diff changeset
9 unsigned int max_processes ATTR_UNUSED)
722
0438621d25ff Added virtual memory size limits to processes. Default values are pretty
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
10 {
0438621d25ff Added virtual memory size limits to processes. Default values are pretty
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
11 #ifdef HAVE_SETRLIMIT
0438621d25ff Added virtual memory size limits to processes. Default values are pretty
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
12 struct rlimit rlim;
0438621d25ff Added virtual memory size limits to processes. Default values are pretty
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
13
1065
6cb5b50aea71 Don't let login process fork()
Timo Sirainen <tss@iki.fi>
parents: 739
diff changeset
14 #ifdef HAVE_RLIMIT_NPROC
1397
f6ae4dc25427 cleanup
Timo Sirainen <tss@iki.fi>
parents: 1104
diff changeset
15 if (max_processes < INT_MAX) {
f6ae4dc25427 cleanup
Timo Sirainen <tss@iki.fi>
parents: 1104
diff changeset
16 rlim.rlim_max = rlim.rlim_cur = max_processes;
f6ae4dc25427 cleanup
Timo Sirainen <tss@iki.fi>
parents: 1104
diff changeset
17 if (setrlimit(RLIMIT_NPROC, &rlim) < 0)
f6ae4dc25427 cleanup
Timo Sirainen <tss@iki.fi>
parents: 1104
diff changeset
18 i_fatal("setrlimit(RLIMIT_NPROC, %u): %m", size);
f6ae4dc25427 cleanup
Timo Sirainen <tss@iki.fi>
parents: 1104
diff changeset
19 }
1065
6cb5b50aea71 Don't let login process fork()
Timo Sirainen <tss@iki.fi>
parents: 739
diff changeset
20 #endif
6cb5b50aea71 Don't let login process fork()
Timo Sirainen <tss@iki.fi>
parents: 739
diff changeset
21
1397
f6ae4dc25427 cleanup
Timo Sirainen <tss@iki.fi>
parents: 1104
diff changeset
22 if (size > 0 && size < INT_MAX/1024/1024) {
f6ae4dc25427 cleanup
Timo Sirainen <tss@iki.fi>
parents: 1104
diff changeset
23 rlim.rlim_max = rlim.rlim_cur = size*1024*1024;
739
f50714973d0b RLIMIT_AS isn't supported everywhere - use it if it exists, but also use
Timo Sirainen <tss@iki.fi>
parents: 722
diff changeset
24
1397
f6ae4dc25427 cleanup
Timo Sirainen <tss@iki.fi>
parents: 1104
diff changeset
25 if (setrlimit(RLIMIT_DATA, &rlim) < 0)
f6ae4dc25427 cleanup
Timo Sirainen <tss@iki.fi>
parents: 1104
diff changeset
26 i_fatal("setrlimit(RLIMIT_DATA, %u): %m", size);
739
f50714973d0b RLIMIT_AS isn't supported everywhere - use it if it exists, but also use
Timo Sirainen <tss@iki.fi>
parents: 722
diff changeset
27
f50714973d0b RLIMIT_AS isn't supported everywhere - use it if it exists, but also use
Timo Sirainen <tss@iki.fi>
parents: 722
diff changeset
28 #ifdef HAVE_RLIMIT_AS
1397
f6ae4dc25427 cleanup
Timo Sirainen <tss@iki.fi>
parents: 1104
diff changeset
29 if (setrlimit(RLIMIT_AS, &rlim) < 0)
f6ae4dc25427 cleanup
Timo Sirainen <tss@iki.fi>
parents: 1104
diff changeset
30 i_fatal("setrlimit(RLIMIT_AS, %u): %m", size);
739
f50714973d0b RLIMIT_AS isn't supported everywhere - use it if it exists, but also use
Timo Sirainen <tss@iki.fi>
parents: 722
diff changeset
31 #endif
1397
f6ae4dc25427 cleanup
Timo Sirainen <tss@iki.fi>
parents: 1104
diff changeset
32 }
722
0438621d25ff Added virtual memory size limits to processes. Default values are pretty
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
33 #else
0438621d25ff Added virtual memory size limits to processes. Default values are pretty
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
34 if (size != 0) {
0438621d25ff Added virtual memory size limits to processes. Default values are pretty
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
35 i_warning("Can't restrict process size: "
0438621d25ff Added virtual memory size limits to processes. Default values are pretty
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
36 "setrlimit() not supported by system. "
0438621d25ff Added virtual memory size limits to processes. Default values are pretty
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
37 "Set the limit to 0 to hide this warning.");
0438621d25ff Added virtual memory size limits to processes. Default values are pretty
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
38 }
0438621d25ff Added virtual memory size limits to processes. Default values are pretty
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
39 #endif
0438621d25ff Added virtual memory size limits to processes. Default values are pretty
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
40 }
6314
c6d6ce742a82 Added restrict_fd_limit() and restrict_raise_fd_limit()
Timo Sirainen <tss@iki.fi>
parents: 1741
diff changeset
41
c6d6ce742a82 Added restrict_fd_limit() and restrict_raise_fd_limit()
Timo Sirainen <tss@iki.fi>
parents: 1741
diff changeset
42 void restrict_fd_limit(unsigned int count)
c6d6ce742a82 Added restrict_fd_limit() and restrict_raise_fd_limit()
Timo Sirainen <tss@iki.fi>
parents: 1741
diff changeset
43 {
c6d6ce742a82 Added restrict_fd_limit() and restrict_raise_fd_limit()
Timo Sirainen <tss@iki.fi>
parents: 1741
diff changeset
44 #ifdef HAVE_SETRLIMIT
c6d6ce742a82 Added restrict_fd_limit() and restrict_raise_fd_limit()
Timo Sirainen <tss@iki.fi>
parents: 1741
diff changeset
45 struct rlimit rlim;
c6d6ce742a82 Added restrict_fd_limit() and restrict_raise_fd_limit()
Timo Sirainen <tss@iki.fi>
parents: 1741
diff changeset
46
c6d6ce742a82 Added restrict_fd_limit() and restrict_raise_fd_limit()
Timo Sirainen <tss@iki.fi>
parents: 1741
diff changeset
47 rlim.rlim_cur = rlim.rlim_max = count;
c6d6ce742a82 Added restrict_fd_limit() and restrict_raise_fd_limit()
Timo Sirainen <tss@iki.fi>
parents: 1741
diff changeset
48 if (setrlimit(RLIMIT_NOFILE, &rlim) < 0)
8013
7513ad244f0f If process's RLIMIT_NOFILE can't be changed, log an error but don't die.
Timo Sirainen <tss@iki.fi>
parents: 7946
diff changeset
49 i_error("setrlimit(RLIMIT_NOFILE, %u): %m", count);
6314
c6d6ce742a82 Added restrict_fd_limit() and restrict_raise_fd_limit()
Timo Sirainen <tss@iki.fi>
parents: 1741
diff changeset
50 #endif
c6d6ce742a82 Added restrict_fd_limit() and restrict_raise_fd_limit()
Timo Sirainen <tss@iki.fi>
parents: 1741
diff changeset
51 }
7946
aad49536db41 If core dump limit is 0, add "core dumps disabled" to startup log line.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
52
aad49536db41 If core dump limit is 0, add "core dumps disabled" to startup log line.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
53 int restrict_get_core_limit(rlim_t *limit_r)
aad49536db41 If core dump limit is 0, add "core dumps disabled" to startup log line.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
54 {
aad49536db41 If core dump limit is 0, add "core dumps disabled" to startup log line.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
55 #ifdef HAVE_RLIMIT_CORE
aad49536db41 If core dump limit is 0, add "core dumps disabled" to startup log line.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
56 struct rlimit rlim;
aad49536db41 If core dump limit is 0, add "core dumps disabled" to startup log line.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
57
aad49536db41 If core dump limit is 0, add "core dumps disabled" to startup log line.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
58 if (getrlimit(RLIMIT_CORE, &rlim) < 0) {
aad49536db41 If core dump limit is 0, add "core dumps disabled" to startup log line.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
59 i_error("getrlimit(RLIMIT_CORE) failed: %m");
aad49536db41 If core dump limit is 0, add "core dumps disabled" to startup log line.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
60 return -1;
aad49536db41 If core dump limit is 0, add "core dumps disabled" to startup log line.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
61 }
aad49536db41 If core dump limit is 0, add "core dumps disabled" to startup log line.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
62 *limit_r = rlim.rlim_cur;
aad49536db41 If core dump limit is 0, add "core dumps disabled" to startup log line.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
63 return 0;
aad49536db41 If core dump limit is 0, add "core dumps disabled" to startup log line.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
64 #else
aad49536db41 If core dump limit is 0, add "core dumps disabled" to startup log line.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
65 return -1;
aad49536db41 If core dump limit is 0, add "core dumps disabled" to startup log line.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
66 #endif
aad49536db41 If core dump limit is 0, add "core dumps disabled" to startup log line.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
67 }