isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Add front-end support for setting resouce limits.

Browse Source 
The special value "user" means preserve the invoking user's limit.
The value "default" means don't override the default limit for the
user as assigned by the system (PAM, loging.conf, userdb, etc).
This commit is contained in:
Todd C. Miller
2021-11-08 18:21:11 -07:00
parent f279df5e18
commit 74ef983f60
4 changed files with 240 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
src/sudo.c
View File

@@ -620,7 +620,7 @@ get_user_info(struct user_details *ud)
if (asprintf(&info[++i], "cols=%d", ud->ts_cols) == -1)
goto oom;
n = serialize_limits(&info[i + 1], info_max - (i + 1));
n = serialize_rlimits(&info[i + 1], info_max - (i + 1));
if (n == -1)
goto oom;
i += n;
@@ -753,6 +753,10 @@ command_info_to_details(char * const info[], struct command_details *details)
}
break;
case 'r':
if (strncmp("rlimit_", info[i], sizeof("rlimit_") - 1) == 0) {
parse_policy_rlimit(info[i] + sizeof("rlimit_") - 1);
break;
}
if (strncmp("runas_egid=", info[i], sizeof("runas_egid=") - 1) == 0) {
cp = info[i] + sizeof("runas_egid=") - 1;
id = sudo_strtoid(cp, &errstr);
@@ -1378,6 +1382,7 @@ policy_init_session(struct command_details *details)
details->info);
}
}
done:
debug_return_int(ret);
}