Add support for 2 new resource limits. Thanks to Justin Bronder for the

patch. This was reported in the Debian bug #442334.
This only impact shadow when it is not compiled with PAM support.

ChangeLog

@@ -1,3 +1,11 @@
+2007-10-27  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/limits.c, man/limits.5.xml, etc/limits: Apply patch sent
+	by Justin Bronder <jsbronder@gmail.com>. See Debian bug #442334.
+	This adds support to 2 new resource limits: max nice value, and
+	max real time priority. This is only used when shadow is not
+	compiled with PAM support.
+
 2007-10-27  Nicolas François  <nicolas.francois@centraliens.net>
 
 	* man/gpasswd.1.xml: Describe the options separately in the

NEWS

@@ -11,6 +11,8 @@ shadow-4.0.18.1 -> shadow-4.0.18.2					13-10-2007
   after close /etc/{group,passwd} files,
 - su: If compiled without PAM support, enforce the limits from /etc/limits
   when one of the -, -l, or --login options is set, even if called by root.
+- limits: Support for 2 new resource limits: max nice value, and max real
+  time priority. The resource limits are not used when compiled with PAM.
 *** documentation:
 - updated translations: fi, ja, nl, tl, zh_CN.
 - groupadd.8, groupmod.8, login.1, useradd.8, userdel.8, usermod.8: grammar

etc/limits

@@ -18,10 +18,12 @@
 # T: max CPU time (MIN)
 # U: max number of processes
 # L: max number of logins for this user
+# I: max nice value (0..39 translates to 20..-19)
+# O: max real time priority (0..MAX_RT_PRIO)
 #
 # Examples:
 # the default entry
-#* L2 D6144 R2048 S2048 U32 N32 F16384 T5 C0
+#* L2 D6144 R2048 S2048 U32 N32 F16384 T5 C0 I20 O0
 # another way of suspending a user login
 #guest   L0
 # this account has no limits

libmisc/limits.c

@@ -169,7 +169,7 @@ static int check_logins (const char *name, const char *maxlogins)
  * by Cristian Gafton - gafton@sorosis.ro
  *
  * We are passed a string of the form ('BASH' constants for ulimit)
- *     [Aa][Cc][Dd][Ff][Mm][Nn][Rr][Ss][Tt][Uu][Ll][Pp]
+ *     [Aa][Cc][Dd][Ff][Mm][Nn][Rr][Ss][Tt][Uu][Ll][Pp][Ii][Oo]
  *     (eg. 'C2F256D2048N5' or 'C2 F256 D2048 N5')
  * where:
  * [Aa]: a = RLIMIT_AS		max address space (KB)
@@ -185,6 +185,8 @@ static int check_logins (const char *name, const char *maxlogins)
  * [Kk]: k = file creation masK (umask)
  * [Ll]: l = max number of logins for this user
  * [Pp]: p = process priority -20..20 (negative = high, positive = low)
+ * [Ii]: i = RLIMIT_NICE    max nice value (0..39 translates to 20..-19)
+ * [Oo]: o = RLIMIT_RTPRIO  max real time priority (linux/sched.h 0..MAX_RT_PRIO)
  *
  * Return value:
  *		0 = okay, of course
@@ -272,6 +274,20 @@ static int do_user_limits (const char *buf, const char *name)
 			/* RLIMIT_STACK - max stack size (KB) */
 			retval |= setrlimit_value (RLIMIT_STACK, pp, 1024);
 			break;
+#endif
+#ifdef RLIMIT_NICE
+		case 'i':
+		case 'I':
+			/* RLIMIT_NICE - max scheduling priority (0..39) */
+			retval |= setrlimit_value (RLIMIT_NICE, pp, 1);
+			break;
+#endif
+#ifdef RLIMIT_RTPRIO
+		case 'o':
+		case 'O':
+			/* RLIMIT_RTPRIO - max real time priority (0..MAX_RT_PRIO) */
+			retval |= setrlimit_value (RLIMIT_RTPRIO, pp, 1);
+			break;
 #endif
 		case 'k':
 		case 'K':
@@ -328,7 +344,7 @@ static int setup_user_limits (const char *uname)
 		 * Imposing a limit should be done with care, so a wrong
 		 * entry means no care anyway :-). A '-' as a limits
 		 * strings means no limits --cristiang */
-		if (sscanf (buf, "%s%[ACDFMNRSTULPacdfmnrstulp0-9 \t-]",
+		if (sscanf (buf, "%s%[ACDFMNRSTULPIOacdfmnrstulpio0-9 \t-]",
 			    name, tempbuf) == 2) {
 			if (strcmp (name, uname) == 0) {
 				strcpy (limits, tempbuf);

man/limits.5.xml

@@ -64,6 +64,9 @@
 	  <refentrytitle>setpriority</refentrytitle><manvolnum>2</manvolnum>
 	</citerefentry>.</para>
       </listitem>
+      <listitem><para>I: max nice value (0..39 which translates to
+      20..-19)</para></listitem>
+      <listitem><para>O: max real time priority</para></listitem>
     </itemizedlist>
 
     <para>