diff options
Diffstat (limited to 'debian/to-be-evaluated/040_hurd_limits')
-rw-r--r-- | debian/to-be-evaluated/040_hurd_limits | 97 |
1 files changed, 97 insertions, 0 deletions
diff --git a/debian/to-be-evaluated/040_hurd_limits b/debian/to-be-evaluated/040_hurd_limits new file mode 100644 index 00000000..e601992d --- /dev/null +++ b/debian/to-be-evaluated/040_hurd_limits @@ -0,0 +1,97 @@ + +diff -urN Linux-PAM-0.72/modules/pam_limits/Makefile Linux-PAM-0.72.new/modules/pam_limits/Makefile +--- Linux-PAM-0.72/modules/pam_limits/Makefile Wed Jul 4 20:58:43 2001 ++++ Linux-PAM-0.72.new/modules/pam_limits/Makefile Wed Jul 4 19:31:37 2001 +@@ -6,7 +6,7 @@ + # Created by Cristian Gafton <gafton@redhat.com> 1996/09/10 + # + +-ifeq ($(OS),linux) ++ifneq (,$(findstring $(OS),gnu linux)) + TITLE=pam_limits + CONFD=$(CONFIGED)/security + export CONFD +@@ -22,7 +22,10 @@ + LIBOBJD = $(addprefix dynamic/,$(LIBOBJ)) + LIBOBJS = $(addprefix static/,$(LIBOBJ)) + ++ifeq (linux,$(OS)) + LINKLIBS+=-lcap ++CFLAGS+=-DUSE_CAPABILITIES ++endif + + dynamic/%.o : %.c + $(CC) $(CFLAGS) $(DYNAMIC) $(CPPFLAGS) $(TARGET_ARCH) -c $< -o $@ +diff -urN Linux-PAM-0.72/modules/pam_limits/pam_limits.c Linux-PAM-0.72.new/modules/pam_limits/pam_limits.c +--- Linux-PAM-0.72/modules/pam_limits/pam_limits.c Wed Jul 4 20:58:48 2001 ++++ Linux-PAM-0.72.new/modules/pam_limits/pam_limits.c Wed Jul 4 19:31:31 2001 +@@ -13,12 +13,10 @@ + * See end for Copyright information + */ + +-#if !(defined(linux)) +-#error THIS CODE IS KNOWN TO WORK ONLY ON LINUX !!! +-#endif +- ++#ifdef USE_CAPABILITIES + #include <sys/capability.h> + #include <sys/prctl.h> ++#endif + + #include <stdio.h> + #include <unistd.h> +@@ -62,9 +60,11 @@ + specific user or to count all logins */ + static int priority; /* the priority to run user process with */ + static char chroot_dir[8092] = ""; /* directory to chroot into */ ++#ifdef USE_CAPABILITIES + static cap_t capabilities; /* capability handle */ + static int caps_set = 0; /* capabilities set */ + static int caps_allocated = 0; /* capabilities allocated */ ++#endif + + #define LIMIT_LOGIN RLIM_NLIMITS+1 + #define LIMIT_NUMSYSLOGINS RLIM_NLIMITS+2 +@@ -261,11 +261,13 @@ + priority = 0; + login_limit = -2; + login_limit_def = LIMITS_DEF_NONE; ++#ifdef USE_CAPABILITIES + if (caps_allocated) + cap_free(capabilities); + capabilities = cap_init(); + caps_allocated = 1; + caps_set = 0; ++#endif + return retval; + } + +@@ -401,9 +403,13 @@ + } else if (limit_item == LIMIT_CHROOT) { + strncpy(chroot_dir, value_orig, sizeof(chroot_dir)); + } else if (limit_item == LIMIT_CAPS) { ++#ifdef USE_CAPABILITIES + capabilities = cap_from_text(value_orig); + prctl(PR_SET_KEEPCAPS, 1); + caps_set = 1; ++#else ++ _pam_log(LOG_WARNING, "capabilities not supported on this system, ignoring them"); ++#endif + } + return; + } +@@ -533,12 +539,14 @@ + if (i != 0) + retval = LIMIT_ERR; + } ++#ifdef USE_CAPABILITIES + if (!retval && caps_set) { + retval = cap_set_proc(capabilities) ? LIMIT_ERR : 0; + cap_free(capabilities); + caps_set = 0; + caps_allocated = 0; + } ++#endif + return retval; + } +
\ No newline at end of file |