diff options
| author | Thorsten Kukuk <kukuk@thkukuk.de> | 2005-08-23 13:44:21 +0000 |
|---|---|---|
| committer | Thorsten Kukuk <kukuk@thkukuk.de> | 2005-08-23 13:44:21 +0000 |
| commit | 48f76ecb25bae6ab86468be253b17de38b55b08d (patch) | |
| tree | ad3b365b0f607537b0c46d92f34de4c1392fa57b /modules/pam_limits | |
| parent | ed5d20953e60da5aefb4214305e11810633567e8 (diff) | |
| download | pam-48f76ecb25bae6ab86468be253b17de38b55b08d.tar.gz pam-48f76ecb25bae6ab86468be253b17de38b55b08d.tar.bz2 pam-48f76ecb25bae6ab86468be253b17de38b55b08d.zip | |
Relevant BUGIDs: none
Purpose of commit: new feature
Commit summary:
---------------
Change major version number back to "0".
Add more patches from ALT-Linux/OWL:
Diffstat (limited to 'modules/pam_limits')
| -rw-r--r-- | modules/pam_limits/pam_limits.c | 24 |
1 files changed, 14 insertions, 10 deletions
diff --git a/modules/pam_limits/pam_limits.c b/modules/pam_limits/pam_limits.c index d21ad16a..10ff8969 100644 --- a/modules/pam_limits/pam_limits.c +++ b/modules/pam_limits/pam_limits.c @@ -61,6 +61,7 @@ static const char *limits_def_names[] = { }; struct user_limits_struct { + int supported; int src_soft; int src_hard; struct rlimit limit; @@ -73,7 +74,6 @@ struct pam_limit_s { int flag_numsyslogins; /* whether to limit logins only for a specific user or to count all logins */ int priority; /* the priority to run user process with */ - int supported[RLIM_NLIMITS]; struct user_limits_struct limits[RLIM_NLIMITS]; char conf_file[BUFSIZ]; int utmp_after_pam_call; @@ -229,13 +229,12 @@ static int init_limits(struct pam_limit_s *pl) for(i = 0; i < RLIM_NLIMITS; i++) { int r = getrlimit(i, &pl->limits[i].limit); if (r == -1) { - if (errno == EINVAL) { - pl->supported[i] = 0; - } else { + pl->limits[i].supported = 0; + if (errno != EINVAL) { retval = !PAM_SUCCESS; } } else { - pl->supported[i] = 1; + pl->limits[i].supported = 1; pl->limits[i].src_soft = LIMITS_DEF_NONE; pl->limits[i].src_hard = LIMITS_DEF_NONE; } @@ -570,12 +569,17 @@ static int setup_limits(pam_handle_t *pamh, } for (i=0, status=LIMITED_OK; i<RLIM_NLIMITS; i++) { - if (pl->limits[i].limit.rlim_cur > pl->limits[i].limit.rlim_max) - pl->limits[i].limit.rlim_cur = pl->limits[i].limit.rlim_max; - if (!pl->supported[i]) { + if (!pl->limits[i].supported) { /* skip it if its not known to the system */ continue; } + if (pl->limits[i].src_soft == LIMITS_DEF_NONE && + pl->limits[i].src_hard == LIMITS_DEF_NONE) { + /* skip it if its not initialized */ + continue; + } + if (pl->limits[i].limit.rlim_cur > pl->limits[i].limit.rlim_max) + pl->limits[i].limit.rlim_cur = pl->limits[i].limit.rlim_max; status |= setrlimit(i, &pl->limits[i].limit); } @@ -634,7 +638,7 @@ pam_sm_open_session (pam_handle_t *pamh, int flags UNUSED, retval = init_limits(&pl); if (retval != PAM_SUCCESS) { _pam_log(LOG_WARNING, "cannot initialize"); - return PAM_IGNORE; + return PAM_ABORT; } retval = parse_config_file(pamh, pwd->pw_name, ctrl, &pl); @@ -644,7 +648,7 @@ pam_sm_open_session (pam_handle_t *pamh, int flags UNUSED, } if (retval != PAM_SUCCESS) { _pam_log(LOG_WARNING, "error parsing the configuration file"); - return PAM_IGNORE; + return retval; } if (ctrl & PAM_DO_SETREUID) { |