From: Todd C. Miller <Todd.Miller@courtesan.com>
Date: Thu, 6 Mar 2008 17:19:57 +0000 (+0000)
Subject: Add aix_setlimits() to set resource limits on AIX using a combination
X-Git-Tag: SUDO_1_7_0~160
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=897239afe96a0d19c3936c01d170dacad6fae0a8;p=sudo

Add aix_setlimits() to set resource limits on AIX using a combination
of getuserattr() and setrlimit().  Currently untested.
---

diff --git a/Makefile.in b/Makefile.in
index 9d3527f69..6918d376b 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -1,5 +1,6 @@
 #
-# Copyright (c) 1996, 1998-2005 Todd C. Miller <Todd.Miller@courtesan.com>
+# Copyright (c) 1996, 1998-2005, 2007-2008
+#	Todd C. Miller <Todd.Miller@courtesan.com>
 #
 # Permission to use, copy, modify, and distribute this software for any
 # purpose with or without fee is hereby granted, provided that the above
@@ -100,7 +101,7 @@ SHELL = /bin/sh
 
 PROGS = @PROGS@
 
-SRCS = alias.c alloc.c check.c closefrom.c def_data.c defaults.c env.c \
+SRCS = aix.c alias.c alloc.c check.c closefrom.c def_data.c defaults.c env.c \
        error.c fileops.c find_path.c fnmatch.c getcwd.c getprogname.c \
        getspwuid.c gettime.c glob.c goodpath.c gram.c gram.y interfaces.c \
        lbuf.c ldap.c list.c logging.c match.c mkstemp.c memrchr.c parse.c \
@@ -217,6 +218,8 @@ $(devdir)/toke.c: $(srcdir)/toke.l
 @DEV@	perl $(srcdir)/mkdefaults -o def_data $(srcdir)/def_data.in
 
 # Dependencies (not counting auth functions)
+aix.o: $(srcdir)/aix.c
+	$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/aix.c
 alias.o: $(srcdir)/alias.c $(SUDODEP) $(srcdir)/parse.h $(srcdir)/list.h $(srcdir)/redblack.h
 	$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/alias.c
 alloc.o: $(srcdir)/alloc.c $(SUDODEP)
diff --git a/aix.c b/aix.c
new file mode 100644
index 000000000..b27227fac
--- /dev/null
+++ b/aix.c
@@ -0,0 +1,79 @@
+/*
+ * Copyright (c) 2008 Todd C. Miller <Todd.Miller@courtesan.com>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <sys/resource.h>
+
+#include <stdio.h>
+#ifdef STDC_HEADERS
+# include <stdlib.h>
+# include <stddef.h>
+#else
+# ifdef HAVE_STDLIB_H
+#  include <stdlib.h>
+# endif
+#endif /* STDC_HEADERS */
+#include <usersec.h>
+
+#include <compat.h>
+
+#ifndef lint
+__unused static const char rcsid[] = "$Sudo$";
+#endif /* lint */
+
+#ifdef HAVE_GETUSERATTR
+
+struct aix_limit {
+    int resource;
+    const char *soft;
+    const char *hard;
+};
+
+static struct aix_limit aix_limits[] = {
+    { RLIMIT_FSIZE, S_UFSIZE, S_UFSIZE_HARD },
+    { RLIMIT_CPU, S_UCPU, S_UCPU_HARD },
+    { RLIMIT_DATA, S_UDATA, S_UDATA_HARD },
+    { RLIMIT_STACK, S_USTACK, S_USTACK_HARD },
+    { RLIMIT_RSS, S_URSS, S_URSS_HARD },
+    { RLIMIT_CORE, S_UCORE, S_UCORE_HARD },
+    { RLIMIT_NOFILE, S_UNOFILE, S_UNOFILE_HARD }
+};
+
+void
+aix_setlimits(user)
+    const char *user;
+{
+    struct rlimit rlim;
+    int i, n;
+
+    /*
+     * For each resource limit, get the soft/hard values for the user
+     * and set those values via setrlimit().  Must be run as euid 0.
+     */
+    for (n = 0; n < sizeof(aix_limits) / sizeof(aix_limits[0])) {
+	if (getuserattr(user, aix_limits[n].soft, &i, SEC_INT) != 0)
+	    continue;
+	rlim.rlim_cur = i;
+	if (getuserattr(user, aix_limits[n].hard, &i, SEC_INT) != 0)
+	    continue;
+	rlim.rlim_max = i;
+	(void)setrlimit(aix_limits[n].resource, &rlim);
+    }
+}
+
+#endif /* HAVE_GETUSERATTR */
diff --git a/config.h.in b/config.h.in
index 00d91cbd5..063b5d656 100644
--- a/config.h.in
+++ b/config.h.in
@@ -159,6 +159,9 @@
 /* Define to 1 if you have the `gettimeofday' function. */
 #undef HAVE_GETTIMEOFDAY
 
+/* Define to 1 if you have the `getuserattr' function. */
+#undef HAVE_GETUSERATTR
+
 /* Define to 1 if you have the `glob' function. */
 #undef HAVE_GLOB
 
diff --git a/configure b/configure
index 0a772b3d2..ecc2f5985 100755
--- a/configure
+++ b/configure
@@ -11608,6 +11608,103 @@ fi
 done
 
 		fi
+
+		# AIX-specific functions
+
+for ac_func in getuserattr
+do
+as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
+{ echo "$as_me:$LINENO: checking for $ac_func" >&5
+echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; }
+if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then
+  echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+  cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h.  */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h.  */
+/* Define $ac_func to an innocuous variant, in case <limits.h> declares $ac_func.
+   For example, HP-UX 11i <limits.h> declares gettimeofday.  */
+#define $ac_func innocuous_$ac_func
+
+/* System header to define __stub macros and hopefully few prototypes,
+    which can conflict with char $ac_func (); below.
+    Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
+    <limits.h> exists even on freestanding compilers.  */
+
+#ifdef __STDC__
+# include <limits.h>
+#else
+# include <assert.h>
+#endif
+
+#undef $ac_func
+
+/* Override any GCC internal prototype to avoid an error.
+   Use char because int might match the return type of a GCC
+   builtin and then its argument prototype would still apply.  */
+#ifdef __cplusplus
+extern "C"
+#endif
+char $ac_func ();
+/* The GNU C library defines this for functions which it implements
+    to always fail with ENOSYS.  Some functions are actually named
+    something starting with __ and the normal name is an alias.  */
+#if defined __stub_$ac_func || defined __stub___$ac_func
+choke me
+#endif
+
+int
+main ()
+{
+return $ac_func ();
+  ;
+  return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+  *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+  (eval "$ac_link") 2>conftest.er1
+  ac_status=$?
+  grep -v '^ *+' conftest.er1 >conftest.err
+  rm -f conftest.er1
+  cat conftest.err >&5
+  echo "$as_me:$LINENO: \$? = $ac_status" >&5
+  (exit $ac_status); } && {
+	 test -z "$ac_c_werror_flag" ||
+	 test ! -s conftest.err
+       } && test -s conftest$ac_exeext &&
+       $as_test_x conftest$ac_exeext; then
+  eval "$as_ac_var=yes"
+else
+  echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+	eval "$as_ac_var=no"
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+      conftest$ac_exeext conftest.$ac_ext
+fi
+ac_res=`eval echo '${'$as_ac_var'}'`
+	       { echo "$as_me:$LINENO: result: $ac_res" >&5
+echo "${ECHO_T}$ac_res" >&6; }
+if test `eval echo '${'$as_ac_var'}'` = yes; then
+  cat >>confdefs.h <<_ACEOF
+#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1
+_ACEOF
+
+fi
+done
+
+		SUDO_OBJS="$SUDO_OBJS aix.o"
 		;;
     *-*-hiuxmpp*)
 		: ${mansectsu='1m'}
diff --git a/configure.in b/configure.in
index ce457315c..5ff7b5b56 100644
--- a/configure.in
+++ b/configure.in
@@ -1331,6 +1331,10 @@ case "$host" in
 		if test X"$with_aixauth" = X""; then
 		    AC_CHECK_FUNCS(authenticate, [AUTH_EXCL_DEF="AIX_AUTH"])
 		fi
+
+		# AIX-specific functions
+		AC_CHECK_FUNCS(getuserattr)
+		SUDO_OBJS="$SUDO_OBJS aix.o"
 		;;
     *-*-hiuxmpp*)
 		: ${mansectsu='1m'}
diff --git a/set_perms.c b/set_perms.c
index 3cd6bc566..c9cecb77d 100644
--- a/set_perms.c
+++ b/set_perms.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1994-1996,1998-2006 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 1994-1996,1998-2008 Todd C. Miller <Todd.Miller@courtesan.com>
  *
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
@@ -520,6 +520,9 @@ runas_setup()
 
     if (runas_pw->pw_name != NULL) {
 	gid = runas_gr ? runas_gr->gr_gid : runas_pw->pw_gid;
+#ifdef HAVE_GETUSERATTR
+	aix_setlimits(runas_pw->pw_name);
+#endif
 #ifdef HAVE_PAM
 	pam_prep_user(runas_pw);
 #endif /* HAVE_PAM */
diff --git a/sudo.h b/sudo.h
index 4ca38dabd..8bd4f3110 100644
--- a/sudo.h
+++ b/sudo.h
@@ -313,6 +313,9 @@ struct group *sudo_getgrgid __P((gid_t));
 #ifdef HAVE_SELINUX
 void selinux_exec __P((char *, char *, char **, int));
 #endif
+#ifdef HAVE_GETUSERATTR
+void aix_setlimits __P((const char *));
+#endif
 YY_DECL;
 
 /* Only provide extern declarations outside of sudo.c. */