From 16285e6768df32430a2cb31d1413e5f0d628de10 Mon Sep 17 00:00:00 2001 From: nekral-guest Date: Sat, 27 Oct 2007 19:45:21 +0000 Subject: [PATCH] Add support for 2 new resource limits. Thanks to Justin Bronder for the patch. This was reported in the Debian bug #442334. This only impact shadow when it is not compiled with PAM support. --- ChangeLog | 8 ++++++++ NEWS | 2 ++ etc/limits | 4 +++- libmisc/limits.c | 20 ++++++++++++++++++-- man/limits.5.xml | 3 +++ 5 files changed, 34 insertions(+), 3 deletions(-) diff --git a/ChangeLog b/ChangeLog index 2ba088c0..0bd8753e 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,11 @@ +2007-10-27 Nicolas François + + * libmisc/limits.c, man/limits.5.xml, etc/limits: Apply patch sent + by Justin Bronder . See Debian bug #442334. + This adds support to 2 new resource limits: max nice value, and + max real time priority. This is only used when shadow is not + compiled with PAM support. + 2007-10-27 Nicolas François * man/gpasswd.1.xml: Describe the options separately in the diff --git a/NEWS b/NEWS index cec00f02..ad73293f 100644 --- a/NEWS +++ b/NEWS @@ -11,6 +11,8 @@ shadow-4.0.18.1 -> shadow-4.0.18.2 13-10-2007 after close /etc/{group,passwd} files, - su: If compiled without PAM support, enforce the limits from /etc/limits when one of the -, -l, or --login options is set, even if called by root. +- limits: Support for 2 new resource limits: max nice value, and max real + time priority. The resource limits are not used when compiled with PAM. *** documentation: - updated translations: fi, ja, nl, tl, zh_CN. - groupadd.8, groupmod.8, login.1, useradd.8, userdel.8, usermod.8: grammar diff --git a/etc/limits b/etc/limits index fc741b1a..d39f2d54 100644 --- a/etc/limits +++ b/etc/limits @@ -18,10 +18,12 @@ # T: max CPU time (MIN) # U: max number of processes # L: max number of logins for this user +# I: max nice value (0..39 translates to 20..-19) +# O: max real time priority (0..MAX_RT_PRIO) # # Examples: # the default entry -#* L2 D6144 R2048 S2048 U32 N32 F16384 T5 C0 +#* L2 D6144 R2048 S2048 U32 N32 F16384 T5 C0 I20 O0 # another way of suspending a user login #guest L0 # this account has no limits diff --git a/libmisc/limits.c b/libmisc/limits.c index 2b4eb6a6..52e6dbdb 100644 --- a/libmisc/limits.c +++ b/libmisc/limits.c @@ -169,7 +169,7 @@ static int check_logins (const char *name, const char *maxlogins) * by Cristian Gafton - gafton@sorosis.ro * * We are passed a string of the form ('BASH' constants for ulimit) - * [Aa][Cc][Dd][Ff][Mm][Nn][Rr][Ss][Tt][Uu][Ll][Pp] + * [Aa][Cc][Dd][Ff][Mm][Nn][Rr][Ss][Tt][Uu][Ll][Pp][Ii][Oo] * (eg. 'C2F256D2048N5' or 'C2 F256 D2048 N5') * where: * [Aa]: a = RLIMIT_AS max address space (KB) @@ -185,6 +185,8 @@ static int check_logins (const char *name, const char *maxlogins) * [Kk]: k = file creation masK (umask) * [Ll]: l = max number of logins for this user * [Pp]: p = process priority -20..20 (negative = high, positive = low) + * [Ii]: i = RLIMIT_NICE max nice value (0..39 translates to 20..-19) + * [Oo]: o = RLIMIT_RTPRIO max real time priority (linux/sched.h 0..MAX_RT_PRIO) * * Return value: * 0 = okay, of course @@ -272,6 +274,20 @@ static int do_user_limits (const char *buf, const char *name) /* RLIMIT_STACK - max stack size (KB) */ retval |= setrlimit_value (RLIMIT_STACK, pp, 1024); break; +#endif +#ifdef RLIMIT_NICE + case 'i': + case 'I': + /* RLIMIT_NICE - max scheduling priority (0..39) */ + retval |= setrlimit_value (RLIMIT_NICE, pp, 1); + break; +#endif +#ifdef RLIMIT_RTPRIO + case 'o': + case 'O': + /* RLIMIT_RTPRIO - max real time priority (0..MAX_RT_PRIO) */ + retval |= setrlimit_value (RLIMIT_RTPRIO, pp, 1); + break; #endif case 'k': case 'K': @@ -328,7 +344,7 @@ static int setup_user_limits (const char *uname) * Imposing a limit should be done with care, so a wrong * entry means no care anyway :-). A '-' as a limits * strings means no limits --cristiang */ - if (sscanf (buf, "%s%[ACDFMNRSTULPacdfmnrstulp0-9 \t-]", + if (sscanf (buf, "%s%[ACDFMNRSTULPIOacdfmnrstulpio0-9 \t-]", name, tempbuf) == 2) { if (strcmp (name, uname) == 0) { strcpy (limits, tempbuf); diff --git a/man/limits.5.xml b/man/limits.5.xml index 71b91c36..e8d1237f 100644 --- a/man/limits.5.xml +++ b/man/limits.5.xml @@ -64,6 +64,9 @@ setpriority2 . + I: max nice value (0..39 which translates to + 20..-19) + O: max real time priority