summaryrefslogtreecommitdiff
path: root/debian/to-be-evaluated/040_hurd_limits
diff options
context:
space:
mode:
Diffstat (limited to 'debian/to-be-evaluated/040_hurd_limits')
-rw-r--r--debian/to-be-evaluated/040_hurd_limits97
1 files changed, 97 insertions, 0 deletions
diff --git a/debian/to-be-evaluated/040_hurd_limits b/debian/to-be-evaluated/040_hurd_limits
new file mode 100644
index 00000000..e601992d
--- /dev/null
+++ b/debian/to-be-evaluated/040_hurd_limits
@@ -0,0 +1,97 @@
+
+diff -urN Linux-PAM-0.72/modules/pam_limits/Makefile Linux-PAM-0.72.new/modules/pam_limits/Makefile
+--- Linux-PAM-0.72/modules/pam_limits/Makefile Wed Jul 4 20:58:43 2001
++++ Linux-PAM-0.72.new/modules/pam_limits/Makefile Wed Jul 4 19:31:37 2001
+@@ -6,7 +6,7 @@
+ # Created by Cristian Gafton <gafton@redhat.com> 1996/09/10
+ #
+
+-ifeq ($(OS),linux)
++ifneq (,$(findstring $(OS),gnu linux))
+ TITLE=pam_limits
+ CONFD=$(CONFIGED)/security
+ export CONFD
+@@ -22,7 +22,10 @@
+ LIBOBJD = $(addprefix dynamic/,$(LIBOBJ))
+ LIBOBJS = $(addprefix static/,$(LIBOBJ))
+
++ifeq (linux,$(OS))
+ LINKLIBS+=-lcap
++CFLAGS+=-DUSE_CAPABILITIES
++endif
+
+ dynamic/%.o : %.c
+ $(CC) $(CFLAGS) $(DYNAMIC) $(CPPFLAGS) $(TARGET_ARCH) -c $< -o $@
+diff -urN Linux-PAM-0.72/modules/pam_limits/pam_limits.c Linux-PAM-0.72.new/modules/pam_limits/pam_limits.c
+--- Linux-PAM-0.72/modules/pam_limits/pam_limits.c Wed Jul 4 20:58:48 2001
++++ Linux-PAM-0.72.new/modules/pam_limits/pam_limits.c Wed Jul 4 19:31:31 2001
+@@ -13,12 +13,10 @@
+ * See end for Copyright information
+ */
+
+-#if !(defined(linux))
+-#error THIS CODE IS KNOWN TO WORK ONLY ON LINUX !!!
+-#endif
+-
++#ifdef USE_CAPABILITIES
+ #include <sys/capability.h>
+ #include <sys/prctl.h>
++#endif
+
+ #include <stdio.h>
+ #include <unistd.h>
+@@ -62,9 +60,11 @@
+ specific user or to count all logins */
+ static int priority; /* the priority to run user process with */
+ static char chroot_dir[8092] = ""; /* directory to chroot into */
++#ifdef USE_CAPABILITIES
+ static cap_t capabilities; /* capability handle */
+ static int caps_set = 0; /* capabilities set */
+ static int caps_allocated = 0; /* capabilities allocated */
++#endif
+
+ #define LIMIT_LOGIN RLIM_NLIMITS+1
+ #define LIMIT_NUMSYSLOGINS RLIM_NLIMITS+2
+@@ -261,11 +261,13 @@
+ priority = 0;
+ login_limit = -2;
+ login_limit_def = LIMITS_DEF_NONE;
++#ifdef USE_CAPABILITIES
+ if (caps_allocated)
+ cap_free(capabilities);
+ capabilities = cap_init();
+ caps_allocated = 1;
+ caps_set = 0;
++#endif
+ return retval;
+ }
+
+@@ -401,9 +403,13 @@
+ } else if (limit_item == LIMIT_CHROOT) {
+ strncpy(chroot_dir, value_orig, sizeof(chroot_dir));
+ } else if (limit_item == LIMIT_CAPS) {
++#ifdef USE_CAPABILITIES
+ capabilities = cap_from_text(value_orig);
+ prctl(PR_SET_KEEPCAPS, 1);
+ caps_set = 1;
++#else
++ _pam_log(LOG_WARNING, "capabilities not supported on this system, ignoring them");
++#endif
+ }
+ return;
+ }
+@@ -533,12 +539,14 @@
+ if (i != 0)
+ retval = LIMIT_ERR;
+ }
++#ifdef USE_CAPABILITIES
+ if (!retval && caps_set) {
+ retval = cap_set_proc(capabilities) ? LIMIT_ERR : 0;
+ cap_free(capabilities);
+ caps_set = 0;
+ caps_allocated = 0;
+ }
++#endif
+ return retval;
+ }
+ \ No newline at end of file
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-20 03:26:40 +0000