1 /*- 2 * Copyright (c) 1997 by 3 * David L. Nugent <davidn@blaze.net.au> 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, is permitted provided that the following conditions 8 * are met: 9 * 1. Redistributions of source code must retain the above copyright 10 * notice immediately at the beginning of the file, without modification, 11 * this list of conditions, and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. This work was done expressly for inclusion into FreeBSD. Other use 16 * is permitted provided this notation is included. 17 * 4. Absolutely no warranty of function or purpose is made by the authors. 18 * 5. Modifications may be freely made to this file providing the above 19 * conditions are met. 20 * 21 * Display/change(+runprogram)/eval resource limits. 22 * 23 * $FreeBSD$ 24 */ 25 26 #include <err.h> 27 #include <stdio.h> 28 #include <string.h> 29 #include <sys/types.h> 30 #include <sys/stat.h> 31 #include <sys/param.h> 32 #include <stdlib.h> 33 #include <unistd.h> 34 #include <stdarg.h> 35 #include <ctype.h> 36 #include <errno.h> 37 #include <pwd.h> 38 #include <login_cap.h> 39 #include <sys/time.h> 40 #include <sys/resource.h> 41 42 enum 43 { 44 SH_NONE, 45 SH_SH, /* sh */ 46 SH_CSH, /* csh */ 47 SH_BASH, /* gnu bash */ 48 SH_TCSH, /* tcsh */ 49 SH_KSH, /* (pd)ksh */ 50 SH_ZSH, /* zsh */ 51 SH_RC, /* rc or es */ 52 SH_NUMBER 53 }; 54 55 56 /* eval emitter for popular shells. 57 * Why aren't there any standards here? Most shells support either 58 * the csh 'limit' or sh 'ulimit' command, but each varies just 59 * enough that they aren't very compatible from one to the other. 60 */ 61 static struct { 62 const char * name; /* Name of shell */ 63 const char * inf; /* Name used for 'unlimited' resource */ 64 const char * cmd; /* Intro text */ 65 const char * hard; /* Hard limit text */ 66 const char * soft; /* Soft limit text */ 67 const char * both; /* Hard+Soft limit text */ 68 struct { 69 const char * pfx; 70 const char * sfx; 71 int divisor; 72 } lprm[RLIM_NLIMITS]; 73 } shellparm[] = 74 { 75 { "", "infinity", "Resource limits%s%s:\n", "-max", "-cur", "", 76 { 77 { " cputime%-4s %8s", " secs\n", 1 }, 78 { " filesize%-4s %8s", " kb\n", 1024 }, 79 { " datasize%-4s %8s", " kb\n", 1024 }, 80 { " stacksize%-4s %8s", " kb\n", 1024 }, 81 { " coredumpsize%-4s %8s", " kb\n", 1024 }, 82 { " memoryuse%-4s %8s", " kb\n", 1024 }, 83 { " memorylocked%-4s %8s", " kb\n", 1024 }, 84 { " maxprocesses%-4s %8s", "\n", 1 }, 85 { " openfiles%-4s %8s", "\n", 1 }, 86 { " sbsize%-4s %8s", " bytes\n", 1 } 87 } 88 }, 89 { "sh", "unlimited", "", " -H", " -S", "", 90 { 91 { "ulimit%s -t %s", ";\n", 1 }, 92 { "ulimit%s -f %s", ";\n", 512 }, 93 { "ulimit%s -d %s", ";\n", 1024 }, 94 { "ulimit%s -s %s", ";\n", 1024 }, 95 { "ulimit%s -c %s", ";\n", 512 }, 96 { "ulimit%s -m %s", ";\n", 1024 }, 97 { "ulimit%s -l %s", ";\n", 1024 }, 98 { "ulimit%s -u %s", ";\n", 1 }, 99 { "ulimit%s -n %s", ";\n", 1 }, 100 { "ulimit%s -b %s", ";\n", 1 } 101 } 102 }, 103 { "csh", "unlimited", "", " -h", "", NULL, 104 { 105 { "limit%s cputime %s", ";\n", 1 }, 106 { "limit%s filesize %s", ";\n", 1024 }, 107 { "limit%s datasize %s", ";\n", 1024 }, 108 { "limit%s stacksize %s", ";\n", 1024 }, 109 { "limit%s coredumpsize %s", ";\n", 1024 }, 110 { "limit%s memoryuse %s", ";\n", 1024 }, 111 { "limit%s memorylocked %s", ";\n", 1024 }, 112 { "limit%s maxproc %s", ";\n", 1 }, 113 { "limit%s openfiles %s", ";\n", 1 }, 114 { "limit%s sbsize %s", ";\n", 1 } 115 } 116 }, 117 { "bash|bash2", "unlimited", "", " -H", " -S", "", 118 { 119 { "ulimit%s -t %s", ";\n", 1 }, 120 { "ulimit%s -f %s", ";\n", 1024 }, 121 { "ulimit%s -d %s", ";\n", 1024 }, 122 { "ulimit%s -s %s", ";\n", 1024 }, 123 { "ulimit%s -c %s", ";\n", 1024 }, 124 { "ulimit%s -m %s", ";\n", 1024 }, 125 { "ulimit%s -l %s", ";\n", 1024 }, 126 { "ulimit%s -u %s", ";\n", 1 }, 127 { "ulimit%s -n %s", ";\n", 1 }, 128 { "ulimit%s -b %s", ";\n", 1 } 129 } 130 }, 131 { "tcsh", "unlimited", "", " -h", "", NULL, 132 { 133 { "limit%s cputime %s", ";\n", 1 }, 134 { "limit%s filesize %s", ";\n", 1024 }, 135 { "limit%s datasize %s", ";\n", 1024 }, 136 { "limit%s stacksize %s", ";\n", 1024 }, 137 { "limit%s coredumpsize %s", ";\n", 1024 }, 138 { "limit%s memoryuse %s", ";\n", 1024 }, 139 { "limit%s memorylocked %s", ";\n", 1024 }, 140 { "limit%s maxproc %s", ";\n", 1 }, 141 { "limit%s descriptors %s", ";\n", 1 }, 142 { "limit%s sbsize %s", ";\n", 1 } 143 } 144 }, 145 { "ksh|pdksh", "unlimited", "", " -H", " -S", "", 146 { 147 { "ulimit%s -t %s", ";\n", 1 }, 148 { "ulimit%s -f %s", ";\n", 512 }, 149 { "ulimit%s -d %s", ";\n", 1024 }, 150 { "ulimit%s -s %s", ";\n", 1024 }, 151 { "ulimit%s -c %s", ";\n", 512 }, 152 { "ulimit%s -m %s", ";\n", 1024 }, 153 { "ulimit%s -l %s", ";\n", 1024 }, 154 { "ulimit%s -p %s", ";\n", 1 }, 155 { "ulimit%s -n %s", ";\n", 1 }, 156 { "ulimit%s -b %s", ";\n", 1 } 157 } 158 }, 159 { "zsh", "unlimited", "", " -H", " -S", "", 160 { 161 { "ulimit%s -t %s", ";\n", 1 }, 162 { "ulimit%s -f %s", ";\n", 512 }, 163 { "ulimit%s -d %s", ";\n", 1024 }, 164 { "ulimit%s -s %s", ";\n", 1024 }, 165 { "ulimit%s -c %s", ";\n", 512 }, 166 { "ulimit%s -m %s", ";\n", 1024 }, 167 { "ulimit%s -l %s", ";\n", 1024 }, 168 { "ulimit%s -u %s", ";\n", 1 }, 169 { "ulimit%s -n %s", ";\n", 1 }, 170 { "ulimit%s -b %s", ";\n", 1 } 171 } 172 }, 173 { "rc|es", "unlimited", "", " -h", "", NULL, 174 { 175 { "limit%s cputime %s", ";\n", 1 }, 176 { "limit%s filesize %s", ";\n", 1024 }, 177 { "limit%s datasize %s", ";\n", 1024 }, 178 { "limit%s stacksize %s", ";\n", 1024 }, 179 { "limit%s coredumpsize %s", ";\n", 1024 }, 180 { "limit%s memoryuse %s", ";\n", 1024 }, 181 { "limit%s lockedmemory %s", ";\n", 1024 }, 182 { "limit%s processes %s", ";\n", 1 }, 183 { "limit%s descriptors %s", ";\n", 1 }, 184 { "limit%s sbsize %s", ";\n", 1 } 185 } 186 }, 187 { NULL } 188 }; 189 190 static struct { 191 const char * cap; 192 rlim_t (*func)(login_cap_t *, const char *, rlim_t, rlim_t); 193 } resources[RLIM_NLIMITS] = { 194 { "cputime", login_getcaptime }, 195 { "filesize", login_getcapsize }, 196 { "datasize", login_getcapsize }, 197 { "stacksize", login_getcapsize }, 198 { "coredumpsize", login_getcapsize }, 199 { "memoryuse", login_getcapsize }, 200 { "memorylocked", login_getcapsize }, 201 { "maxproc", login_getcapnum }, 202 { "openfiles", login_getcapnum }, 203 { "sbsize", login_getcapsize } 204 }; 205 206 /* 207 * One letter for each resource levels. 208 * NOTE: There is a dependancy on the corresponding 209 * letter index being equal to the resource number. 210 * If sys/resource.h defines are changed, this needs 211 * to be modified accordingly! 212 */ 213 214 #define RCS_STRING "tfdscmlunb" 215 216 static rlim_t resource_num(int which, int ch, const char *str); 217 static void usage(void); 218 static int getshelltype(void); 219 static void print_limit(rlim_t limit, unsigned divisor, const char *inf, 220 const char *pfx, const char *sfx, const char *which); 221 extern char **environ; 222 223 static const char rcs_string[] = RCS_STRING; 224 225 int 226 main(int argc, char *argv[]) 227 { 228 char *p, *cls = NULL; 229 char *cleanenv[1]; 230 struct passwd * pwd = NULL; 231 int rcswhich, shelltype; 232 int i, num_limits = 0; 233 int ch, doeval = 0, doall = 0; 234 login_cap_t * lc = NULL; 235 enum { ANY=0, SOFT=1, HARD=2, BOTH=3, DISPLAYONLY=4 } type = ANY; 236 enum { RCSUNKNOWN=0, RCSSET=1, RCSSEL=2 } todo = RCSUNKNOWN; 237 int which_limits[RLIM_NLIMITS]; 238 rlim_t set_limits[RLIM_NLIMITS]; 239 struct rlimit limits[RLIM_NLIMITS]; 240 241 /* init resource tables */ 242 for (i = 0; i < RLIM_NLIMITS; i++) { 243 which_limits[i] = 0; /* Don't set/display any */ 244 set_limits[i] = RLIM_INFINITY; 245 /* Get current resource values */ 246 getrlimit(i, &limits[i]); 247 } 248 249 optarg = NULL; 250 while ((ch = getopt(argc, argv, ":EeC:U:BSHabc:d:f:l:m:n:s:t:u:")) != -1) { 251 switch(ch) { 252 case 'a': 253 doall = 1; 254 break; 255 case 'E': 256 environ = cleanenv; 257 cleanenv[0] = NULL; 258 break; 259 case 'e': 260 doeval = 1; 261 break; 262 case 'C': 263 cls = optarg; 264 break; 265 case 'U': 266 if ((pwd = getpwnam(optarg)) == NULL) { 267 if (!isdigit(*optarg) || 268 (pwd = getpwuid(atoi(optarg))) == NULL) { 269 warnx("invalid user `%s'", optarg); 270 usage(); 271 } 272 } 273 break; 274 case 'H': 275 type = HARD; 276 break; 277 case 'S': 278 type = SOFT; 279 break; 280 case 'B': 281 type = SOFT|HARD; 282 break; 283 default: 284 case ':': /* Without arg */ 285 if ((p = strchr(rcs_string, optopt)) != NULL) { 286 int rcswhich = p - rcs_string; 287 if (optarg && *optarg == '-') { /* 'arg' is actually a switch */ 288 --optind; /* back one arg, and make arg NULL */ 289 optarg = NULL; 290 } 291 todo = optarg == NULL ? RCSSEL : RCSSET; 292 if (type == ANY) 293 type = BOTH; 294 which_limits[rcswhich] = optarg ? type : DISPLAYONLY; 295 set_limits[rcswhich] = resource_num(rcswhich, optopt, optarg); 296 num_limits++; 297 break; 298 } 299 /* FALLTHRU */ 300 case '?': 301 usage(); 302 } 303 optarg = NULL; 304 } 305 306 /* If user was specified, get class from that */ 307 if (pwd != NULL) 308 lc = login_getpwclass(pwd); 309 else if (cls != NULL && *cls != '\0') { 310 lc = login_getclassbyname(cls, NULL); 311 if (lc == NULL || strcmp(cls, lc->lc_class) != 0) 312 fprintf(stderr, "login class '%s' non-existent, using %s\n", 313 cls, lc?lc->lc_class:"current settings"); 314 } 315 316 /* If we have a login class, update resource table from that */ 317 if (lc != NULL) { 318 for (rcswhich = 0; rcswhich < RLIM_NLIMITS; rcswhich++) { 319 char str[40]; 320 rlim_t val; 321 322 /* current value overridden by resourcename or resourcename-cur */ 323 sprintf(str, "%s-cur", resources[rcswhich].cap); 324 val = resources[rcswhich].func(lc, resources[rcswhich].cap, limits[rcswhich].rlim_cur, limits[rcswhich].rlim_cur); 325 limits[rcswhich].rlim_cur = resources[rcswhich].func(lc, str, val, val); 326 /* maximum value overridden by resourcename or resourcename-max */ 327 sprintf(str, "%s-max", resources[rcswhich].cap); 328 val = resources[rcswhich].func(lc, resources[rcswhich].cap, limits[rcswhich].rlim_max, limits[rcswhich].rlim_max); 329 limits[rcswhich].rlim_max = resources[rcswhich].func(lc, str, val, val); 330 } 331 } 332 333 /* now, let's determine what we wish to do with all this */ 334 335 argv += optind; 336 337 /* If we're setting limits or doing an eval (ie. we're not just 338 * displaying), then check that hard limits are not lower than 339 * soft limits, and force rasing the hard limit if we need to if 340 * we are raising the soft limit, or lower the soft limit if we 341 * are lowering the hard limit. 342 */ 343 if ((*argv || doeval) && getuid() == 0) { 344 345 for (rcswhich = 0; rcswhich < RLIM_NLIMITS; rcswhich++) { 346 if (limits[rcswhich].rlim_max != RLIM_INFINITY) { 347 if (limits[rcswhich].rlim_cur == RLIM_INFINITY) { 348 limits[rcswhich].rlim_max = RLIM_INFINITY; 349 which_limits[rcswhich] |= HARD; 350 } else if (limits[rcswhich].rlim_cur > limits[rcswhich].rlim_max) { 351 if (which_limits[rcswhich] == SOFT) { 352 limits[rcswhich].rlim_max = limits[rcswhich].rlim_cur; 353 which_limits[rcswhich] |= HARD; 354 } else if (which_limits[rcswhich] == HARD) { 355 limits[rcswhich].rlim_cur = limits[rcswhich].rlim_max; 356 which_limits[rcswhich] |= SOFT; 357 } else { 358 /* else.. if we're specifically setting both to 359 * silly values, then let it error out. 360 */ 361 } 362 } 363 } 364 } 365 } 366 367 /* See if we've overridden anything specific on the command line */ 368 if (num_limits && todo == RCSSET) { 369 for (rcswhich = 0; rcswhich < RLIM_NLIMITS; rcswhich++) { 370 if (which_limits[rcswhich] & HARD) 371 limits[rcswhich].rlim_max = set_limits[rcswhich]; 372 if (which_limits[rcswhich] & SOFT) 373 limits[rcswhich].rlim_cur = set_limits[rcswhich]; 374 } 375 } 376 377 /* If *argv is not NULL, then we are being asked to 378 * (perhaps) set environment variables and run a program 379 */ 380 if (*argv) { 381 if (doeval) { 382 warnx("-e cannot be used with `cmd' option"); 383 usage(); 384 } 385 386 login_close(lc); 387 388 /* set leading environment variables, like eval(1) */ 389 while (*argv && (p = strchr(*argv, '='))) 390 (void)setenv(*argv++, ++p, 1); 391 392 /* Set limits */ 393 for (rcswhich = 0; rcswhich < RLIM_NLIMITS; rcswhich++) { 394 if (doall || num_limits == 0 || which_limits[rcswhich] != 0) 395 if (setrlimit(rcswhich, &limits[rcswhich]) == -1) 396 err(1, "setrlimit %s", resources[rcswhich].cap); 397 } 398 399 if (*argv == NULL) 400 usage(); 401 402 execvp(*argv, argv); 403 err(1, "%s", *argv); 404 } 405 406 shelltype = doeval ? getshelltype() : SH_NONE; 407 408 if (type == ANY) /* Default to soft limits */ 409 type = SOFT; 410 411 /* Display limits */ 412 printf(shellparm[shelltype].cmd, 413 lc ? " for class " : " (current)", 414 lc ? lc->lc_class : ""); 415 416 for (rcswhich = 0; rcswhich < RLIM_NLIMITS; rcswhich++) { 417 if (doall || num_limits == 0 || which_limits[rcswhich] != 0) { 418 if (which_limits[rcswhich] == ANY || which_limits[rcswhich]) 419 which_limits[rcswhich] = type; 420 if (shellparm[shelltype].lprm[rcswhich].pfx) { 421 if (shellparm[shelltype].both && limits[rcswhich].rlim_cur == limits[rcswhich].rlim_max) { 422 print_limit(limits[rcswhich].rlim_max, 423 shellparm[shelltype].lprm[rcswhich].divisor, 424 shellparm[shelltype].inf, 425 shellparm[shelltype].lprm[rcswhich].pfx, 426 shellparm[shelltype].lprm[rcswhich].sfx, 427 shellparm[shelltype].both); 428 } else { 429 if (which_limits[rcswhich] & HARD) { 430 print_limit(limits[rcswhich].rlim_max, 431 shellparm[shelltype].lprm[rcswhich].divisor, 432 shellparm[shelltype].inf, 433 shellparm[shelltype].lprm[rcswhich].pfx, 434 shellparm[shelltype].lprm[rcswhich].sfx, 435 shellparm[shelltype].hard); 436 } 437 if (which_limits[rcswhich] & SOFT) { 438 print_limit(limits[rcswhich].rlim_cur, 439 shellparm[shelltype].lprm[rcswhich].divisor, 440 shellparm[shelltype].inf, 441 shellparm[shelltype].lprm[rcswhich].pfx, 442 shellparm[shelltype].lprm[rcswhich].sfx, 443 shellparm[shelltype].soft); 444 } 445 } 446 } 447 } 448 } 449 450 login_close(lc); 451 exit(EXIT_SUCCESS); 452 } 453 454 455 static void 456 usage(void) 457 { 458 (void)fprintf(stderr, 459 "usage: limits [-C class|-U user] [-eaSHBE] [-bcdflmnstu [val]] [[name=val ...] cmd]\n"); 460 exit(EXIT_FAILURE); 461 } 462 463 static void 464 print_limit(rlim_t limit, unsigned divisor, const char * inf, const char * pfx, const char * sfx, const char * which) 465 { 466 char numbr[64]; 467 468 if (limit == RLIM_INFINITY) 469 strcpy(numbr, inf); 470 else 471 sprintf(numbr, "%qd", (quad_t)((limit + divisor/2) / divisor)); 472 printf(pfx, which, numbr); 473 printf(sfx, which); 474 475 } 476 477 478 static rlim_t 479 resource_num(int which, int ch, const char *str) 480 { 481 rlim_t res = RLIM_INFINITY; 482 483 if (str != NULL && 484 !(strcasecmp(str, "inf") == 0 || 485 strcasecmp(str, "infinity") == 0 || 486 strcasecmp(str, "unlimit") == 0 || 487 strcasecmp(str, "unlimited") == 0)) { 488 const char * s = str; 489 char *e; 490 491 switch (which) { 492 case RLIMIT_CPU: /* time values */ 493 errno = 0; 494 res = 0; 495 while (*s) { 496 rlim_t tim = strtoq(s, &e, 0); 497 if (e == NULL || e == s || errno) 498 break; 499 switch (*e++) { 500 case 0: /* end of string */ 501 e--; 502 default: 503 case 's': case 'S': /* seconds */ 504 break; 505 case 'm': case 'M': /* minutes */ 506 tim *= 60L; 507 break; 508 case 'h': case 'H': /* hours */ 509 tim *= (60L * 60L); 510 break; 511 case 'd': case 'D': /* days */ 512 tim *= (60L * 60L * 24L); 513 break; 514 case 'w': case 'W': /* weeks */ 515 tim *= (60L * 60L * 24L * 7L); 516 case 'y': case 'Y': /* Years */ 517 tim *= (60L * 60L * 24L * 365L); 518 } 519 s = e; 520 res += tim; 521 } 522 break; 523 case RLIMIT_FSIZE: /* Size values */ 524 case RLIMIT_DATA: 525 case RLIMIT_STACK: 526 case RLIMIT_CORE: 527 case RLIMIT_RSS: 528 case RLIMIT_MEMLOCK: 529 errno = 0; 530 res = 0; 531 while (*s) { 532 rlim_t mult, tim = strtoq(s, &e, 0); 533 if (e == NULL || e == s || errno) 534 break; 535 switch (*e++) { 536 case 0: /* end of string */ 537 e--; 538 default: 539 mult = 1; 540 break; 541 case 'b': case 'B': /* 512-byte blocks */ 542 mult = 512; 543 break; 544 case 'k': case 'K': /* 1024-byte Kilobytes */ 545 mult = 1024; 546 break; 547 case 'm': case 'M': /* 1024-k kbytes */ 548 mult = 1024 * 1024; 549 break; 550 case 'g': case 'G': /* 1Gbyte */ 551 mult = 1024 * 1024 * 1024; 552 break; 553 case 't': case 'T': /* 1TBte */ 554 mult = 1024LL * 1024LL * 1024LL * 1024LL; 555 break; 556 } 557 s = e; 558 res += (tim * mult); 559 } 560 break; 561 case RLIMIT_NPROC: 562 case RLIMIT_NOFILE: 563 res = strtoq(s, &e, 0); 564 s = e; 565 break; 566 } 567 if (*s) { 568 warnx("invalid value -%c `%s'", ch, str); 569 usage(); 570 } 571 } 572 return res; 573 } 574 575 576 static int 577 getshellbyname(const char * shell) 578 { 579 int i; 580 const char * q; 581 const char * p = strrchr(shell, '/'); 582 583 p = p ? ++p : shell; 584 for (i = 0; (q = shellparm[i].name) != NULL; i++) { 585 while (*q) { 586 int j = strcspn(q, "|"); 587 588 if (j == 0) 589 break; 590 if (strncmp(p, q, j) == 0) 591 return i; 592 if (*(q += j)) 593 ++q; 594 } 595 } 596 return SH_SH; 597 } 598 599 600 /* 601 * Determine the type of shell our parent process is 602 * This is quite tricky, not 100% reliable and probably 603 * not nearly as thorough as it should be. Basically, this 604 * is a "best guess" only, but hopefully will work in 605 * most cases. 606 */ 607 608 static int 609 getshelltype(void) 610 { 611 pid_t ppid = getppid(); 612 613 if (ppid != 1) { 614 FILE * fp; 615 struct stat st; 616 char procdir[MAXPATHLEN], buf[128]; 617 int l = sprintf(procdir, "/proc/%ld/", (long)ppid); 618 char * shell = getenv("SHELL"); 619 620 if (shell != NULL && stat(shell, &st) != -1) { 621 struct stat st1; 622 623 strcpy(procdir+l, "file"); 624 /* $SHELL is actual shell? */ 625 if (stat(procdir, &st1) != -1 && memcmp(&st, &st1, sizeof st) == 0) 626 return getshellbyname(shell); 627 } 628 strcpy(procdir+l, "status"); 629 if (stat(procdir, &st) == 0 && (fp = fopen(procdir, "r")) != NULL) { 630 char * p = fgets(buf, sizeof buf, fp)==NULL ? NULL : strtok(buf, " \t"); 631 fclose(fp); 632 if (p != NULL) 633 return getshellbyname(p); 634 } 635 } 636 return SH_SH; 637 } 638 639