diff options
| author | Lennart Poettering <lennart@poettering.net> | 2016-05-04 19:40:05 +0200 |
|---|---|---|
| committer | Sven Eden <yamakuzure@gmx.net> | 2017-06-16 10:12:58 +0200 |
| commit | ad0ff86c7c90c3d652edb7c81ebd3f07f70a9a07 (patch) | |
| tree | e2337c531abe3c1f9940dce1235e898cc54f2333 /src | |
| parent | 3b85f87c5c282176a343a4c78dce3350c43e4c28 (diff) | |
logind: enforce a limit on inhibitors we hand out
For similar reasons as the recent addition of a limit on sessions.
Note that we don't enforce a limit on inhibitors per-user currently, but
there's an implicit one, since each inhibitor takes up one fd, and fds are
limited via RLIMIT_NOFILE, and the limit on the number of processes per user.
Diffstat (limited to 'src')
| -rw-r--r-- | src/login/logind-dbus.c | 23 | ||||
| -rw-r--r-- | src/login/logind.h | 1 |
2 files changed, 24 insertions, 0 deletions
diff --git a/src/login/logind-dbus.c b/src/login/logind-dbus.c index 1a49a3128..0a30dfd16 100644 --- a/src/login/logind-dbus.c +++ b/src/login/logind-dbus.c @@ -283,6 +283,24 @@ static int property_get_current_sessions( return sd_bus_message_append(reply, "t", (uint64_t) hashmap_size(m->sessions)); } +static int property_get_current_inhibitors( + sd_bus *bus, + const char *path, + const char *interface, + const char *property, + sd_bus_message *reply, + void *userdata, + sd_bus_error *error) { + + Manager *m = userdata; + + assert(bus); + assert(reply); + assert(m); + + return sd_bus_message_append(reply, "t", (uint64_t) hashmap_size(m->inhibitors)); +} + static int method_get_session(sd_bus_message *message, void *userdata, sd_bus_error *error) { _cleanup_free_ char *p = NULL; Manager *m = userdata; @@ -2522,6 +2540,9 @@ static int method_inhibit(sd_bus_message *message, void *userdata, sd_bus_error if (r < 0) return r; + if (hashmap_size(m->inhibitors) >= m->inhibitors_max) + return sd_bus_error_setf(error, SD_BUS_ERROR_LIMITS_EXCEEDED, "Maximum number of inhibitors (%" PRIu64 ") reached, refusing further inhibitors.", m->inhibitors_max); + do { id = mfree(id); @@ -2594,6 +2615,8 @@ const sd_bus_vtable manager_vtable[] = { SD_BUS_PROPERTY("Docked", "b", property_get_docked, 0, 0), SD_BUS_PROPERTY("RemoveIPC", "b", bus_property_get_bool, offsetof(Manager, remove_ipc), SD_BUS_VTABLE_PROPERTY_CONST), SD_BUS_PROPERTY("RuntimeDirectorySize", "t", bus_property_get_size, offsetof(Manager, runtime_dir_size), SD_BUS_VTABLE_PROPERTY_CONST), + SD_BUS_PROPERTY("InhibitorsMax", "t", NULL, offsetof(Manager, inhibitors_max), SD_BUS_VTABLE_PROPERTY_CONST), + SD_BUS_PROPERTY("NCurrentInhibitors", "t", property_get_current_inhibitors, 0, 0), SD_BUS_PROPERTY("SessionsMax", "t", NULL, offsetof(Manager, sessions_max), SD_BUS_VTABLE_PROPERTY_CONST), SD_BUS_PROPERTY("NCurrentSessions", "t", property_get_current_sessions, 0, 0), SD_BUS_PROPERTY("UserTasksMax", "t", NULL, offsetof(Manager, user_tasks_max), SD_BUS_VTABLE_PROPERTY_CONST), diff --git a/src/login/logind.h b/src/login/logind.h index 3a9ccb6e5..752d4e399 100644 --- a/src/login/logind.h +++ b/src/login/logind.h @@ -163,6 +163,7 @@ struct Manager { size_t runtime_dir_size; uint64_t user_tasks_max; uint64_t sessions_max; + uint64_t inhibitors_max; }; int manager_add_device(Manager *m, const char *sysfs, bool master, Device **_device); |