diff options
author | Steve Langasek <steve.langasek@ubuntu.com> | 2019-01-03 16:03:16 -0800 |
---|---|---|
committer | Steve Langasek <steve.langasek@ubuntu.com> | 2019-01-03 16:05:55 -0800 |
commit | 281e859131adad49301befbc50cfc5cd282c6937 (patch) | |
tree | ce45ce19af410930b834390fb8a8256bcace5006 /Linux-PAM/modules/pam_limits | |
parent | 9a4298687784e7812c8aeef6e0e97830febbf393 (diff) | |
parent | 10ac36fdc45532acb00ec47aab28b5cc6198820f (diff) |
New upstream version 0.99.9.0
Diffstat (limited to 'Linux-PAM/modules/pam_limits')
-rw-r--r-- | Linux-PAM/modules/pam_limits/Makefile.am | 4 | ||||
-rw-r--r-- | Linux-PAM/modules/pam_limits/Makefile.in | 35 | ||||
-rw-r--r-- | Linux-PAM/modules/pam_limits/limits.conf.5 | 35 | ||||
-rw-r--r-- | Linux-PAM/modules/pam_limits/limits.conf.5.xml | 3 | ||||
-rw-r--r-- | Linux-PAM/modules/pam_limits/pam_limits.c | 44 |
5 files changed, 62 insertions, 59 deletions
diff --git a/Linux-PAM/modules/pam_limits/Makefile.am b/Linux-PAM/modules/pam_limits/Makefile.am index 60256a7c..13232ea6 100644 --- a/Linux-PAM/modules/pam_limits/Makefile.am +++ b/Linux-PAM/modules/pam_limits/Makefile.am @@ -18,13 +18,13 @@ limits_conf_dir = $(SCONFIGDIR)/limits.d AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include \ -DLIMITS_FILE_DIR=\"$(limits_conf_dir)/*.conf\" \ -DLIMITS_FILE=\"$(SCONFIGDIR)/limits.conf\" -AM_LDFLAGS = -no-undefined -avoid-version -module \ - -L$(top_builddir)/libpam -lpam +AM_LDFLAGS = -no-undefined -avoid-version -module if HAVE_VERSIONING AM_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map endif securelib_LTLIBRARIES = pam_limits.la +pam_limits_la_LIBADD = -L$(top_builddir)/libpam -lpam secureconf_DATA = limits.conf diff --git a/Linux-PAM/modules/pam_limits/Makefile.in b/Linux-PAM/modules/pam_limits/Makefile.in index a50dbff9..b01b88a3 100644 --- a/Linux-PAM/modules/pam_limits/Makefile.in +++ b/Linux-PAM/modules/pam_limits/Makefile.in @@ -65,7 +65,7 @@ am__installdirs = "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man5dir)" \ "$(DESTDIR)$(man8dir)" "$(DESTDIR)$(secureconfdir)" securelibLTLIBRARIES_INSTALL = $(INSTALL) LTLIBRARIES = $(securelib_LTLIBRARIES) -pam_limits_la_LIBADD = +pam_limits_la_DEPENDENCIES = pam_limits_la_SOURCES = pam_limits.c pam_limits_la_OBJECTS = pam_limits.lo DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ @@ -178,6 +178,7 @@ POSUB = @POSUB@ RANLIB = @RANLIB@ SCONFIGDIR = @SCONFIGDIR@ SECUREDIR = @SECUREDIR@ +SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ STRIP = @STRIP@ @@ -254,12 +255,14 @@ XMLS = README.xml limits.conf.5.xml pam_limits.8.xml TESTS = tst-pam_limits securelibdir = $(SECUREDIR) secureconfdir = $(SCONFIGDIR) +limits_conf_dir = $(SCONFIGDIR)/limits.d AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include \ + -DLIMITS_FILE_DIR=\"$(limits_conf_dir)/*.conf\" \ -DLIMITS_FILE=\"$(SCONFIGDIR)/limits.conf\" -AM_LDFLAGS = -no-undefined -avoid-version -module \ - -L$(top_builddir)/libpam -lpam $(am__append_1) +AM_LDFLAGS = -no-undefined -avoid-version -module $(am__append_1) securelib_LTLIBRARIES = pam_limits.la +pam_limits_la_LIBADD = -L$(top_builddir)/libpam -lpam secureconf_DATA = limits.conf @ENABLE_REGENERATE_MAN_TRUE@noinst_DATA = README all: all-am @@ -668,7 +671,7 @@ info: info-am info-am: -install-data-am: install-man install-secureconfDATA \ +install-data-am: install-data-local install-man install-secureconfDATA \ install-securelibLTLIBRARIES install-dvi: install-dvi-am @@ -717,20 +720,24 @@ uninstall-man: uninstall-man5 uninstall-man8 distclean distclean-compile distclean-generic \ distclean-libtool distclean-tags distdir dvi dvi-am html \ html-am info info-am install install-am install-data \ - install-data-am install-dvi install-dvi-am install-exec \ - install-exec-am install-html install-html-am install-info \ - install-info-am install-man install-man5 install-man8 \ - install-pdf install-pdf-am install-ps install-ps-am \ - install-secureconfDATA install-securelibLTLIBRARIES \ - install-strip installcheck installcheck-am installdirs \ - maintainer-clean maintainer-clean-generic mostlyclean \ - mostlyclean-compile mostlyclean-generic mostlyclean-libtool \ - pdf pdf-am ps ps-am tags uninstall uninstall-am uninstall-man \ - uninstall-man5 uninstall-man8 uninstall-secureconfDATA \ + install-data-am install-data-local install-dvi install-dvi-am \ + install-exec install-exec-am install-html install-html-am \ + install-info install-info-am install-man install-man5 \ + install-man8 install-pdf install-pdf-am install-ps \ + install-ps-am install-secureconfDATA \ + install-securelibLTLIBRARIES install-strip installcheck \ + installcheck-am installdirs maintainer-clean \ + maintainer-clean-generic mostlyclean mostlyclean-compile \ + mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ + tags uninstall uninstall-am uninstall-man uninstall-man5 \ + uninstall-man8 uninstall-secureconfDATA \ uninstall-securelibLTLIBRARIES @ENABLE_REGENERATE_MAN_TRUE@README: pam_limits.8.xml limits.conf.5.xml @ENABLE_REGENERATE_MAN_TRUE@-include $(top_srcdir)/Make.xml.rules + +install-data-local: + mkdir -p $(DESTDIR)$(limits_conf_dir) # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/Linux-PAM/modules/pam_limits/limits.conf.5 b/Linux-PAM/modules/pam_limits/limits.conf.5 index 3cf62f26..9fef98d7 100644 --- a/Linux-PAM/modules/pam_limits/limits.conf.5 +++ b/Linux-PAM/modules/pam_limits/limits.conf.5 @@ -1,11 +1,11 @@ .\" Title: limits.conf .\" Author: -.\" Generator: DocBook XSL Stylesheets v1.71.1 <http://docbook.sf.net/> -.\" Date: 04/30/2007 -.\" Manual: Linux\-PAM Manual -.\" Source: Linux\-PAM Manual +.\" Generator: DocBook XSL Stylesheets v1.72.0 <http://docbook.sf.net/> +.\" Date: 08/30/2007 +.\" Manual: Linux-PAM Manual +.\" Source: Linux-PAM Manual .\" -.TH "LIMITS.CONF" "5" "04/30/2007" "Linux\-PAM Manual" "Linux\-PAM Manual" +.TH "LIMITS.CONF" "5" "08/30/2007" "Linux\-PAM Manual" "Linux\-PAM Manual" .\" disable hyphenation .nh .\" disable justification (adjust text to left margin only) @@ -27,21 +27,19 @@ The fields listed above should be filled as follows: \fB<domain>\fR .RS 4 .RS 4 -.TP 4 -\(bu -a username -.TP 4 -\(bu -a groupname, with +\h'-04'\(bu\h'+03'a username +.RE +.RS 4 +\h'-04'\(bu\h'+03'a groupname, with \fB@group\fR syntax. This should not be confused with netgroups. -.TP 4 -\(bu -the wildcard +.RE +.RS 4 +\h'-04'\(bu\h'+03'the wildcard \fB*\fR, for default entry. -.TP 4 -\(bu -the wildcard +.RE +.RS 4 +\h'-04'\(bu\h'+03'the wildcard \fB%\fR, for maxlogins limit only, can also be used with \fI%group\fR syntax. @@ -139,7 +137,8 @@ address space limit (KB) .PP \fBmaxlogins\fR .RS 4 -maximum number of logins for this user +maximum number of logins for this user except for this with +\fIuid=0\fR .RE .PP \fBmaxsyslogins\fR diff --git a/Linux-PAM/modules/pam_limits/limits.conf.5.xml b/Linux-PAM/modules/pam_limits/limits.conf.5.xml index 830aa022..48798470 100644 --- a/Linux-PAM/modules/pam_limits/limits.conf.5.xml +++ b/Linux-PAM/modules/pam_limits/limits.conf.5.xml @@ -175,7 +175,8 @@ <varlistentry> <term><option>maxlogins</option></term> <listitem> - <para>maximum number of logins for this user</para> + <para>maximum number of logins for this user except + for this with <emphasis>uid=0</emphasis></para> </listitem> </varlistentry> <varlistentry> diff --git a/Linux-PAM/modules/pam_limits/pam_limits.c b/Linux-PAM/modules/pam_limits/pam_limits.c index a4bc727f..d65e64bf 100644 --- a/Linux-PAM/modules/pam_limits/pam_limits.c +++ b/Linux-PAM/modules/pam_limits/pam_limits.c @@ -14,7 +14,7 @@ */ #if !defined(linux) && !defined(__linux) -#error THIS CODE IS KNOWN TO WORK ONLY ON LINUX !!! +#warning THIS CODE IS KNOWN TO WORK ONLY ON LINUX !!! #endif #include "config.h" @@ -281,8 +281,10 @@ process_limit (const pam_handle_t *pamh, int source, const char *lim_type, limit_item = RLIMIT_NOFILE; else if (strcmp(lim_item, "memlock") == 0) limit_item = RLIMIT_MEMLOCK; +#ifdef RLIMIT_AS else if (strcmp(lim_item, "as") == 0) limit_item = RLIMIT_AS; +#endif /*RLIMIT_AS*/ #ifdef RLIMIT_LOCKS else if (strcmp(lim_item, "locks") == 0) limit_item = RLIMIT_LOCKS; @@ -389,7 +391,9 @@ process_limit (const pam_handle_t *pamh, int source, const char *lim_type, case RLIMIT_CORE: case RLIMIT_RSS: case RLIMIT_MEMLOCK: +#ifdef RLIMIT_AS case RLIMIT_AS: +#endif if (rlimit_value != RLIM_INFINITY) { if (rlimit_value >= RLIM_INFINITY/1024) @@ -461,8 +465,6 @@ static int parse_config_file(pam_handle_t *pamh, const char *uname, int ctrl, return PAM_SERVICE_ERR; } - /* init things */ - memset(buf, 0, sizeof(buf)); /* start the show */ while (fgets(buf, LINE_LENGTH, fil) != NULL) { char domain[LINE_LENGTH]; @@ -471,46 +473,40 @@ static int parse_config_file(pam_handle_t *pamh, const char *uname, int ctrl, char value[LINE_LENGTH]; int i; size_t j; - char *tptr; + char *tptr,*line; - tptr = buf; + line = buf; /* skip the leading white space */ - while (*tptr && isspace(*tptr)) - tptr++; - strncpy(buf, tptr, sizeof(buf)-1); - buf[sizeof(buf)-1] = '\0'; + while (*line && isspace(*line)) + line++; /* Rip off the comments */ - tptr = strchr(buf,'#'); + tptr = strchr(line,'#'); if (tptr) *tptr = '\0'; /* Rip off the newline char */ - tptr = strchr(buf,'\n'); + tptr = strchr(line,'\n'); if (tptr) *tptr = '\0'; /* Anything left ? */ - if (!strlen(buf)) { - memset(buf, 0, sizeof(buf)); + if (!strlen(line)) continue; - } - memset(domain, 0, sizeof(domain)); - memset(ltype, 0, sizeof(ltype)); - memset(item, 0, sizeof(item)); - memset(value, 0, sizeof(value)); + domain[0] = ltype[0] = item[0] = value[0] = '\0'; - i = sscanf(buf,"%s%s%s%s", domain, ltype, item, value); + i = sscanf(line,"%s%s%s%s", domain, ltype, item, value); D(("scanned line[%d]: domain[%s], ltype[%s], item[%s], value[%s]", i, domain, ltype, item, value)); for(j=0; j < strlen(ltype); j++) ltype[j]=tolower(ltype[j]); - for(j=0; j < strlen(item); j++) - item[j]=tolower(item[j]); - for(j=0; j < strlen(value); j++) - value[j]=tolower(value[j]); if (i == 4) { /* a complete line */ + for(j=0; j < strlen(item); j++) + item[j]=tolower(item[j]); + for(j=0; j < strlen(value); j++) + value[j]=tolower(value[j]); + if (strcmp(uname, domain) == 0) /* this user have a limit */ process_limit(pamh, LIMITS_DEF_USER, ltype, item, value, ctrl, pl); else if (domain[0]=='@') { @@ -556,7 +552,7 @@ static int parse_config_file(pam_handle_t *pamh, const char *uname, int ctrl, return PAM_IGNORE; } } else { - pam_syslog(pamh, LOG_WARNING, "invalid line '%s' - skipped", buf); + pam_syslog(pamh, LOG_WARNING, "invalid line '%s' - skipped", line); } } fclose(fil); |