2 * Copyright (c) 2008 Todd C. Miller <Todd.Miller@courtesan.com>
4 * Permission to use, copy, modify, and distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19 #include <sys/types.h>
20 #include <sys/resource.h>
30 #endif /* STDC_HEADERS */
36 __unused static const char rcsid[] = "$Sudo: aix.c,v 1.7 2008/11/06 00:42:37 millert Exp $";
39 #ifdef HAVE_GETUSERATTR
41 #ifndef RLIM_SAVED_MAX
42 # define RLIM_SAVED_MAX RLIM_INFINITY
52 static struct aix_limit aix_limits[] = {
53 { RLIMIT_FSIZE, S_UFSIZE, S_UFSIZE_HARD, 512 },
54 { RLIMIT_CPU, S_UCPU, S_UCPU_HARD, 1 },
55 { RLIMIT_DATA, S_UDATA, S_UDATA_HARD, 512 },
56 { RLIMIT_STACK, S_USTACK, S_USTACK_HARD, 512 },
57 { RLIMIT_RSS, S_URSS, S_URSS_HARD, 512 },
58 { RLIMIT_CORE, S_UCORE, S_UCORE_HARD, 512 },
59 { RLIMIT_NOFILE, S_UNOFILE, S_UNOFILE_HARD, 1 }
63 aix_getlimit(user, lim, valp)
68 if (getuserattr(user, lim, valp, SEC_INT) != 0)
69 return getuserattr("default", lim, valp, SEC_INT);
81 * For each resource limit, get the soft/hard values for the user
82 * and set those values via setrlimit(). Must be run as euid 0.
84 for (n = 0; n < sizeof(aix_limits) / sizeof(aix_limits[0]); n++) {
86 * We have two strategies, depending on whether or not the
87 * hard limit has been defined.
89 if (aix_getlimit(user, aix_limits[n].hard, &i) == 0) {
90 rlim.rlim_max = i == -1 ? RLIM_INFINITY : i * aix_limits[n].factor;
91 if (aix_getlimit(user, aix_limits[n].soft, &i) == 0)
92 rlim.rlim_cur = i == -1 ? RLIM_INFINITY : i * aix_limits[n].factor;
94 rlim.rlim_cur = rlim.rlim_max; /* soft not specd, use hard */
96 /* No hard limit set, try soft limit. */
97 if (aix_getlimit(user, aix_limits[n].soft, &i) == 0)
98 rlim.rlim_cur = i == -1 ? RLIM_INFINITY : i * aix_limits[n].factor;
100 /* Set hard limit per AIX /etc/security/limits documentation. */
101 switch (aix_limits[n].resource) {
104 rlim.rlim_max = rlim.rlim_cur;
107 rlim.rlim_max = RLIM_SAVED_MAX;
110 rlim.rlim_max = RLIM_INFINITY;
114 (void)setrlimit(aix_limits[n].resource, &rlim);
118 #endif /* HAVE_GETUSERATTR */