Mercurial > dovecot > original-hg > dovecot-1.2
changeset 1065:6cb5b50aea71 HEAD
Don't let login process fork()
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Sat, 01 Feb 2003 04:06:11 +0200 |
parents | 1577e4cfd569 |
children | 06b566bd2623 |
files | configure.in src/lib/ioloop-poll.c src/lib/restrict-process-size.c src/lib/restrict-process-size.h src/master/auth-process.c src/master/login-process.c src/master/mail-process.c |
diffstat | 7 files changed, 27 insertions(+), 6 deletions(-) [+] |
line wrap: on
line diff
--- a/configure.in Fri Jan 31 08:58:13 2003 +0200 +++ b/configure.in Sat Feb 01 04:06:11 2003 +0200 @@ -510,6 +510,18 @@ AC_DEFINE(HAVE_RLIMIT_AS,, Define if you have RLIMIT_AS for setrlimit()) ]) +dnl * Do we have RLIMIT_NPROC? +AC_TRY_COMPILE([ + #include <sys/types.h> + #include <sys/time.h> + #include <sys/resource.h> +], [ + struct rlimit r; + getrlimit(RLIMIT_NPROC, &r); +], [ + AC_DEFINE(HAVE_RLIMIT_NPROC,, Define if you have RLIMIT_NPROC for setrlimit()) +]) + dnl * Linux compatible mremap() AC_MSG_CHECKING([Linux compatible mremap()]) AC_TRY_COMPILE([
--- a/src/lib/ioloop-poll.c Fri Jan 31 08:58:13 2003 +0200 +++ b/src/lib/ioloop-poll.c Sat Feb 01 04:06:11 2003 +0200 @@ -201,7 +201,7 @@ } else if (io->condition & IO_READ) { if ((pollfd->revents & IO_POLL_INPUT) == 0) continue; - pollfd->revents &= ~IO_POLL_INPUT; + pollfd->revents &= ~IO_POLL_INPUT; } else if (io->condition & IO_WRITE) { if ((pollfd->revents & IO_POLL_OUTPUT) == 0) continue;
--- a/src/lib/restrict-process-size.c Fri Jan 31 08:58:13 2003 +0200 +++ b/src/lib/restrict-process-size.c Sat Feb 01 04:06:11 2003 +0200 @@ -30,11 +30,19 @@ # include <sys/resource.h> #endif -void restrict_process_size(unsigned int size __attr_unused__) +void restrict_process_size(unsigned int size __attr_unused__, + unsigned int max_processes __attr_unused__) { #ifdef HAVE_SETRLIMIT struct rlimit rlim; +#ifdef HAVE_RLIMIT_NPROC + rlim.rlim_max = rlim.rlim_cur = + max_processes < INT_MAX ? max_processes : RLIM_INFINITY; + if (setrlimit(RLIMIT_NPROC, &rlim) < 0) + i_fatal("setrlimit(RLIMIT_NPROC, %u): %m", size); +#endif + rlim.rlim_max = rlim.rlim_cur = size > 0 && size < INT_MAX/1024/1024 ? size*1024*1024 : RLIM_INFINITY;
--- a/src/lib/restrict-process-size.h Fri Jan 31 08:58:13 2003 +0200 +++ b/src/lib/restrict-process-size.h Sat Feb 01 04:06:11 2003 +0200 @@ -3,6 +3,7 @@ /* Restrict max. process size. The size is in megabytes, setting it to (unsigned int)-1 sets it unlimited. */ -void restrict_process_size(unsigned int size); +void restrict_process_size(unsigned int size __attr_unused__, + unsigned int max_processes __attr_unused__); #endif
--- a/src/master/auth-process.c Fri Jan 31 08:58:13 2003 +0200 +++ b/src/master/auth-process.c Sat Feb 01 04:06:11 2003 +0200 @@ -330,7 +330,7 @@ if (auth_set->verbose) env_put("VERBOSE=1"); - restrict_process_size(auth_set->process_size); + restrict_process_size(auth_set->process_size, (unsigned int)-1); /* make sure we don't leak syslog fd, but do it last so that any errors above will be logged */
--- a/src/master/login-process.c Fri Jan 31 08:58:13 2003 +0200 +++ b/src/master/login-process.c Sat Feb 01 04:06:11 2003 +0200 @@ -385,7 +385,7 @@ env_put(t_strdup_printf("PROCESS_UID=%s", dec2str(getpid()))); - restrict_process_size(group->set->process_size); + restrict_process_size(group->set->process_size, 0); /* make sure we don't leak syslog fd, but do it last so that any errors above will be logged */
--- a/src/master/mail-process.c Fri Jan 31 08:58:13 2003 +0200 +++ b/src/master/mail-process.c Sat Feb 01 04:06:11 2003 +0200 @@ -152,7 +152,7 @@ reply->uid, reply->gid, reply->chroot ? data + reply->home_idx : NULL); - restrict_process_size(process_size); + restrict_process_size(process_size, (unsigned int)-1); env_put("LOGGED_IN=1"); env_put(t_strconcat("HOME=", data + reply->home_idx, NULL));