1 /*- 2 * Copyright (c) 1997 by 3 * David L. Nugent <davidn@blaze.net.au> 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, is permitted provided that the following conditions 8 * are met: 9 * 1. Redistributions of source code must retain the above copyright 10 * notice immediately at the beginning of the file, without modification, 11 * this list of conditions, and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. This work was done expressly for inclusion into FreeBSD. Other use 16 * is permitted provided this notation is included. 17 * 4. Absolutely no warranty of function or purpose is made by the authors. 18 * 5. Modifications may be freely made to this file providing the above 19 * conditions are met. 20 * 21 * Display/change(+runprogram)/eval resource limits. 22 * 23 * $FreeBSD$ 24 */ 25 26 #include <err.h> 27 #include <stdio.h> 28 #include <string.h> 29 #include <sys/types.h> 30 #include <sys/stat.h> 31 #include <sys/param.h> 32 #include <stdlib.h> 33 #include <unistd.h> 34 #include <stdarg.h> 35 #include <ctype.h> 36 #include <errno.h> 37 #include <pwd.h> 38 #include <login_cap.h> 39 #include <sys/time.h> 40 #include <sys/resource.h> 41 42 enum 43 { 44 SH_NONE, 45 SH_SH, /* sh */ 46 SH_CSH, /* csh */ 47 SH_BASH, /* gnu bash */ 48 SH_TCSH, /* tcsh */ 49 SH_KSH, /* (pd)ksh */ 50 SH_ZSH, /* zsh */ 51 SH_RC, /* rc or es */ 52 SH_NUMBER 53 }; 54 55 56 /* eval emitter for popular shells. 57 * Why aren't there any standards here? Most shells support either 58 * the csh 'limit' or sh 'ulimit' command, but each varies just 59 * enough that they aren't very compatible from one to the other. 60 */ 61 static struct { 62 const char * name; /* Name of shell */ 63 const char * inf; /* Name used for 'unlimited' resource */ 64 const char * cmd; /* Intro text */ 65 const char * hard; /* Hard limit text */ 66 const char * soft; /* Soft limit text */ 67 const char * both; /* Hard+Soft limit text */ 68 struct { 69 const char * pfx; 70 const char * sfx; 71 int divisor; 72 } lprm[RLIM_NLIMITS]; 73 } shellparm[] = 74 { 75 { "", "infinity", "Resource limits%s%s:\n", "-max", "-cur", "", 76 { 77 { " cputime%-4s %8s", " secs\n", 1 }, 78 { " filesize%-4s %8s", " kb\n", 1024 }, 79 { " datasize%-4s %8s", " kb\n", 1024 }, 80 { " stacksize%-4s %8s", " kb\n", 1024 }, 81 { " coredumpsize%-4s %8s", " kb\n", 1024 }, 82 { " memoryuse%-4s %8s", " kb\n", 1024 }, 83 { " memorylocked%-4s %8s", " kb\n", 1024 }, 84 { " maxprocesses%-4s %8s", "\n", 1 }, 85 { " openfiles%-4s %8s", "\n", 1 }, 86 { " sbsize%-4s %8s", " bytes\n", 1 } 87 } 88 }, 89 { "sh", "unlimited", "", " -H", " -S", "", 90 { 91 { "ulimit%s -t %s", ";\n", 1 }, 92 { "ulimit%s -f %s", ";\n", 512 }, 93 { "ulimit%s -d %s", ";\n", 1024 }, 94 { "ulimit%s -s %s", ";\n", 1024 }, 95 { "ulimit%s -c %s", ";\n", 512 }, 96 { "ulimit%s -m %s", ";\n", 1024 }, 97 { "ulimit%s -l %s", ";\n", 1024 }, 98 { "ulimit%s -u %s", ";\n", 1 }, 99 { "ulimit%s -n %s", ";\n", 1 }, 100 { "ulimit%s -b %s", ";\n", 1 } 101 } 102 }, 103 { "csh", "unlimited", "", " -h", "", NULL, 104 { 105 { "limit%s cputime %s", ";\n", 1 }, 106 { "limit%s filesize %s", ";\n", 1024 }, 107 { "limit%s datasize %s", ";\n", 1024 }, 108 { "limit%s stacksize %s", ";\n", 1024 }, 109 { "limit%s coredumpsize %s", ";\n", 1024 }, 110 { "limit%s memoryuse %s", ";\n", 1024 }, 111 { "limit%s memorylocked %s", ";\n", 1024 }, 112 { "limit%s maxproc %s", ";\n", 1 }, 113 { "limit%s openfiles %s", ";\n", 1 }, 114 { "limit%s sbsize %s", ";\n", 1 } 115 } 116 }, 117 { "bash|bash2", "unlimited", "", " -H", " -S", "", 118 { 119 { "ulimit%s -t %s", ";\n", 1 }, 120 { "ulimit%s -f %s", ";\n", 1024 }, 121 { "ulimit%s -d %s", ";\n", 1024 }, 122 { "ulimit%s -s %s", ";\n", 1024 }, 123 { "ulimit%s -c %s", ";\n", 1024 }, 124 { "ulimit%s -m %s", ";\n", 1024 }, 125 { "ulimit%s -l %s", ";\n", 1024 }, 126 { "ulimit%s -u %s", ";\n", 1 }, 127 { "ulimit%s -n %s", ";\n", 1 }, 128 { "ulimit%s -b %s", ";\n", 1 } 129 } 130 }, 131 { "tcsh", "unlimited", "", " -h", "", NULL, 132 { 133 { "limit%s cputime %s", ";\n", 1 }, 134 { "limit%s filesize %s", ";\n", 1024 }, 135 { "limit%s datasize %s", ";\n", 1024 }, 136 { "limit%s stacksize %s", ";\n", 1024 }, 137 { "limit%s coredumpsize %s", ";\n", 1024 }, 138 { "limit%s memoryuse %s", ";\n", 1024 }, 139 { "limit%s memorylocked %s", ";\n", 1024 }, 140 { "limit%s maxproc %s", ";\n", 1 }, 141 { "limit%s descriptors %s", ";\n", 1 }, 142 { "limit%s sbsize %s", ";\n", 1 } 143 } 144 }, 145 { "ksh|pdksh", "unlimited", "", " -H", " -S", "", 146 { 147 { "ulimit%s -t %s", ";\n", 1 }, 148 { "ulimit%s -f %s", ";\n", 512 }, 149 { "ulimit%s -d %s", ";\n", 1024 }, 150 { "ulimit%s -s %s", ";\n", 1024 }, 151 { "ulimit%s -c %s", ";\n", 512 }, 152 { "ulimit%s -m %s", ";\n", 1024 }, 153 { "ulimit%s -l %s", ";\n", 1024 }, 154 { "ulimit%s -p %s", ";\n", 1 }, 155 { "ulimit%s -n %s", ";\n", 1 }, 156 { "ulimit%s -b %s", ";\n", 1 } 157 } 158 }, 159 { "zsh", "unlimited", "", " -H", " -S", "", 160 { 161 { "ulimit%s -t %s", ";\n", 1 }, 162 { "ulimit%s -f %s", ";\n", 512 }, 163 { "ulimit%s -d %s", ";\n", 1024 }, 164 { "ulimit%s -s %s", ";\n", 1024 }, 165 { "ulimit%s -c %s", ";\n", 512 }, 166 { "ulimit%s -m %s", ";\n", 1024 }, 167 { "ulimit%s -l %s", ";\n", 1024 }, 168 { "ulimit%s -u %s", ";\n", 1 }, 169 { "ulimit%s -n %s", ";\n", 1 }, 170 { "ulimit%s -b %s", ";\n", 1 } 171 } 172 }, 173 { "rc|es", "unlimited", "", " -h", "", NULL, 174 { 175 { "limit%s cputime %s", ";\n", 1 }, 176 { "limit%s filesize %s", ";\n", 1024 }, 177 { "limit%s datasize %s", ";\n", 1024 }, 178 { "limit%s stacksize %s", ";\n", 1024 }, 179 { "limit%s coredumpsize %s", ";\n", 1024 }, 180 { "limit%s memoryuse %s", ";\n", 1024 }, 181 { "limit%s lockedmemory %s", ";\n", 1024 }, 182 { "limit%s processes %s", ";\n", 1 }, 183 { "limit%s descriptors %s", ";\n", 1 }, 184 { "limit%s sbsize %s", ";\n", 1 } 185 } 186 }, 187 { NULL } 188 }; 189 190 static struct { 191 const char * cap; 192 rlim_t (*func)(login_cap_t *, const char *, rlim_t, rlim_t); 193 } resources[RLIM_NLIMITS] = { 194 { "cputime", login_getcaptime }, 195 { "filesize", login_getcapsize }, 196 { "datasize", login_getcapsize }, 197 { "stacksize", login_getcapsize }, 198 { "coredumpsize", login_getcapsize }, 199 { "memoryuse", login_getcapsize }, 200 { "memorylocked", login_getcapsize }, 201 { "maxproc", login_getcapnum }, 202 { "openfiles", login_getcapnum }, 203 { "sbsize", login_getcapnum } 204 }; 205 206 /* 207 * One letter for each resource levels. 208 * NOTE: There is a dependancy on the corresponding 209 * letter index being equal to the resource number. 210 * If sys/resource.h defines are changed, this needs 211 * to be modified accordingly! 212 */ 213 214 #define RCS_STRING "tfdscmlunb" 215 216 static rlim_t resource_num(int which, int ch, const char *str); 217 static void usage(const char *msg, ...); 218 static int getshelltype(void); 219 static void print_limit(rlim_t limit, unsigned divisor, const char *inf, 220 const char *pfx, const char *sfx, const char *which); 221 extern char **environ; 222 223 static const char rcs_string[] = RCS_STRING; 224 225 int 226 main(int argc, char *argv[]) 227 { 228 char *p, *cls = NULL; 229 char *cleanenv[1]; 230 struct passwd * pwd = NULL; 231 int rcswhich, shelltype; 232 int i, num_limits = 0; 233 int ch, doeval = 0, doall = 0; 234 login_cap_t * lc = NULL; 235 enum { ANY=0, SOFT=1, HARD=2, BOTH=3, DISPLAYONLY=4 } type = ANY; 236 enum { RCSUNKNOWN=0, RCSSET=1, RCSSEL=2 } todo = RCSUNKNOWN; 237 int which_limits[RLIM_NLIMITS]; 238 rlim_t set_limits[RLIM_NLIMITS]; 239 struct rlimit limits[RLIM_NLIMITS]; 240 241 /* init resource tables */ 242 for (i = 0; i < RLIM_NLIMITS; i++) { 243 which_limits[i] = 0; /* Don't set/display any */ 244 set_limits[i] = RLIM_INFINITY; 245 /* Get current resource values */ 246 getrlimit(i, &limits[i]); 247 } 248 249 optarg = NULL; 250 while ((ch = getopt(argc, argv, ":EeC:U:BSHabc:d:f:l:m:n:s:t:u:")) != -1) { 251 switch(ch) { 252 case 'a': 253 doall = 1; 254 break; 255 case 'E': 256 environ = cleanenv; 257 cleanenv[0] = NULL; 258 break; 259 case 'e': 260 doeval = 1; 261 break; 262 case 'C': 263 cls = optarg; 264 break; 265 case 'U': 266 if ((pwd = getpwnam(optarg)) == NULL) { 267 if (!isdigit(*optarg) || 268 (pwd = getpwuid(atoi(optarg))) == NULL) { 269 usage("Invalid user `%s'\n", optarg); 270 } 271 } 272 break; 273 case 'H': 274 type = HARD; 275 break; 276 case 'S': 277 type = SOFT; 278 break; 279 case 'B': 280 type = SOFT|HARD; 281 break; 282 default: 283 case ':': /* Without arg */ 284 if ((p = strchr(rcs_string, optopt)) != NULL) { 285 int rcswhich = p - rcs_string; 286 if (optarg && *optarg == '-') { /* 'arg' is actually a switch */ 287 --optind; /* back one arg, and make arg NULL */ 288 optarg = NULL; 289 } 290 todo = optarg == NULL ? RCSSEL : RCSSET; 291 if (type == ANY) 292 type = BOTH; 293 which_limits[rcswhich] = optarg ? type : DISPLAYONLY; 294 set_limits[rcswhich] = resource_num(rcswhich, optopt, optarg); 295 num_limits++; 296 break; 297 } 298 /* FALLTHRU */ 299 case '?': 300 usage(NULL); 301 } 302 optarg = NULL; 303 } 304 305 /* If user was specified, get class from that */ 306 if (pwd != NULL) 307 lc = login_getpwclass(pwd); 308 else if (cls != NULL && *cls != '\0') { 309 lc = login_getclassbyname(cls, NULL); 310 if (lc == NULL || strcmp(cls, lc->lc_class) != 0) 311 fprintf(stderr, "login class '%s' non-existent, using %s\n", 312 cls, lc?lc->lc_class:"current settings"); 313 } 314 315 /* If we have a login class, update resource table from that */ 316 if (lc != NULL) { 317 for (rcswhich = 0; rcswhich < RLIM_NLIMITS; rcswhich++) { 318 char str[40]; 319 rlim_t val; 320 321 /* current value overridden by resourcename or resourcename-cur */ 322 sprintf(str, "%s-cur", resources[rcswhich].cap); 323 val = resources[rcswhich].func(lc, resources[rcswhich].cap, limits[rcswhich].rlim_cur, limits[rcswhich].rlim_cur); 324 limits[rcswhich].rlim_cur = resources[rcswhich].func(lc, str, val, val); 325 /* maximum value overridden by resourcename or resourcename-max */ 326 sprintf(str, "%s-max", resources[rcswhich].cap); 327 val = resources[rcswhich].func(lc, resources[rcswhich].cap, limits[rcswhich].rlim_max, limits[rcswhich].rlim_max); 328 limits[rcswhich].rlim_max = resources[rcswhich].func(lc, str, val, val); 329 } 330 } 331 332 /* now, let's determine what we wish to do with all this */ 333 334 argv += optind; 335 336 /* If we're setting limits or doing an eval (ie. we're not just 337 * displaying), then check that hard limits are not lower than 338 * soft limits, and force rasing the hard limit if we need to if 339 * we are raising the soft limit, or lower the soft limit if we 340 * are lowering the hard limit. 341 */ 342 if ((*argv || doeval) && getuid() == 0) { 343 344 for (rcswhich = 0; rcswhich < RLIM_NLIMITS; rcswhich++) { 345 if (limits[rcswhich].rlim_max != RLIM_INFINITY) { 346 if (limits[rcswhich].rlim_cur == RLIM_INFINITY) { 347 limits[rcswhich].rlim_max = RLIM_INFINITY; 348 which_limits[rcswhich] |= HARD; 349 } else if (limits[rcswhich].rlim_cur > limits[rcswhich].rlim_max) { 350 if (which_limits[rcswhich] == SOFT) { 351 limits[rcswhich].rlim_max = limits[rcswhich].rlim_cur; 352 which_limits[rcswhich] |= HARD; 353 } else if (which_limits[rcswhich] == HARD) { 354 limits[rcswhich].rlim_cur = limits[rcswhich].rlim_max; 355 which_limits[rcswhich] |= SOFT; 356 } else { 357 /* else.. if we're specifically setting both to 358 * silly values, then let it error out. 359 */ 360 } 361 } 362 } 363 } 364 } 365 366 /* See if we've overridden anything specific on the command line */ 367 if (num_limits && todo == RCSSET) { 368 for (rcswhich = 0; rcswhich < RLIM_NLIMITS; rcswhich++) { 369 if (which_limits[rcswhich] & HARD) 370 limits[rcswhich].rlim_max = set_limits[rcswhich]; 371 if (which_limits[rcswhich] & SOFT) 372 limits[rcswhich].rlim_cur = set_limits[rcswhich]; 373 } 374 } 375 376 /* If *argv is not NULL, then we are being asked to 377 * (perhaps) set environment variables and run a program 378 */ 379 if (*argv) { 380 if (doeval) 381 usage("-e cannot be used with `cmd' option\n"); 382 383 login_close(lc); 384 385 /* set leading environment variables, like eval(1) */ 386 while (*argv && (p = strchr(*argv, '='))) 387 (void)setenv(*argv++, ++p, 1); 388 389 /* Set limits */ 390 for (rcswhich = 0; rcswhich < RLIM_NLIMITS; rcswhich++) { 391 if (doall || num_limits == 0 || which_limits[rcswhich] != 0) 392 if (setrlimit(rcswhich, &limits[rcswhich]) == -1) 393 err(1, "setrlimit %s", resources[rcswhich].cap); 394 } 395 396 if (*argv == NULL) 397 usage(NULL); 398 399 execvp(*argv, argv); 400 err(1, "%s", *argv); 401 } 402 403 shelltype = doeval ? getshelltype() : SH_NONE; 404 405 if (type == ANY) /* Default to soft limits */ 406 type = SOFT; 407 408 /* Display limits */ 409 printf(shellparm[shelltype].cmd, 410 lc ? " for class " : " (current)", 411 lc ? lc->lc_class : ""); 412 413 for (rcswhich = 0; rcswhich < RLIM_NLIMITS; rcswhich++) { 414 if (doall || num_limits == 0 || which_limits[rcswhich] != 0) { 415 if (which_limits[rcswhich] == ANY || which_limits[rcswhich]) 416 which_limits[rcswhich] = type; 417 if (shellparm[shelltype].lprm[rcswhich].pfx) { 418 if (shellparm[shelltype].both && limits[rcswhich].rlim_cur == limits[rcswhich].rlim_max) { 419 print_limit(limits[rcswhich].rlim_max, 420 shellparm[shelltype].lprm[rcswhich].divisor, 421 shellparm[shelltype].inf, 422 shellparm[shelltype].lprm[rcswhich].pfx, 423 shellparm[shelltype].lprm[rcswhich].sfx, 424 shellparm[shelltype].both); 425 } else { 426 if (which_limits[rcswhich] & HARD) { 427 print_limit(limits[rcswhich].rlim_max, 428 shellparm[shelltype].lprm[rcswhich].divisor, 429 shellparm[shelltype].inf, 430 shellparm[shelltype].lprm[rcswhich].pfx, 431 shellparm[shelltype].lprm[rcswhich].sfx, 432 shellparm[shelltype].hard); 433 } 434 if (which_limits[rcswhich] & SOFT) { 435 print_limit(limits[rcswhich].rlim_cur, 436 shellparm[shelltype].lprm[rcswhich].divisor, 437 shellparm[shelltype].inf, 438 shellparm[shelltype].lprm[rcswhich].pfx, 439 shellparm[shelltype].lprm[rcswhich].sfx, 440 shellparm[shelltype].soft); 441 } 442 } 443 } 444 } 445 } 446 447 login_close(lc); 448 exit(EXIT_SUCCESS); 449 } 450 451 452 static void 453 usage(char const *msg, ...) 454 { 455 if (msg) { 456 va_list argp; 457 va_start(argp, msg); 458 vfprintf(stderr, msg, argp); 459 va_end(argp); 460 } 461 (void)fprintf(stderr, 462 "usage: limits [-C class|-U user] [-eaSHBE] [-bcdflmnstu [val]] [[name=val ...] cmd]\n"); 463 exit(EXIT_FAILURE); 464 } 465 466 static void 467 print_limit(rlim_t limit, unsigned divisor, const char * inf, const char * pfx, const char * sfx, const char * which) 468 { 469 char numbr[64]; 470 471 if (limit == RLIM_INFINITY) 472 strcpy(numbr, inf); 473 else 474 sprintf(numbr, "%qd", (quad_t)((limit + divisor/2) / divisor)); 475 printf(pfx, which, numbr); 476 printf(sfx, which); 477 478 } 479 480 481 static rlim_t 482 resource_num(int which, int ch, const char *str) 483 { 484 rlim_t res = RLIM_INFINITY; 485 486 if (str != NULL && 487 !(strcasecmp(str, "inf") == 0 || 488 strcasecmp(str, "infinity") == 0 || 489 strcasecmp(str, "unlimit") == 0 || 490 strcasecmp(str, "unlimited") == 0)) { 491 const char * s = str; 492 char *e; 493 494 switch (which) { 495 case RLIMIT_CPU: /* time values */ 496 errno = 0; 497 res = 0; 498 while (*s) { 499 rlim_t tim = strtoq(s, &e, 0); 500 if (e == NULL || e == s || errno) 501 break; 502 switch (*e++) { 503 case 0: /* end of string */ 504 e--; 505 default: 506 case 's': case 'S': /* seconds */ 507 break; 508 case 'm': case 'M': /* minutes */ 509 tim *= 60L; 510 break; 511 case 'h': case 'H': /* hours */ 512 tim *= (60L * 60L); 513 break; 514 case 'd': case 'D': /* days */ 515 tim *= (60L * 60L * 24L); 516 break; 517 case 'w': case 'W': /* weeks */ 518 tim *= (60L * 60L * 24L * 7L); 519 case 'y': case 'Y': /* Years */ 520 tim *= (60L * 60L * 24L * 365L); 521 } 522 s = e; 523 res += tim; 524 } 525 break; 526 case RLIMIT_FSIZE: /* Size values */ 527 case RLIMIT_DATA: 528 case RLIMIT_STACK: 529 case RLIMIT_CORE: 530 case RLIMIT_RSS: 531 case RLIMIT_MEMLOCK: 532 errno = 0; 533 res = 0; 534 while (*s) { 535 rlim_t mult, tim = strtoq(s, &e, 0); 536 if (e == NULL || e == s || errno) 537 break; 538 switch (*e++) { 539 case 0: /* end of string */ 540 e--; 541 default: 542 mult = 1; 543 break; 544 case 'b': case 'B': /* 512-byte blocks */ 545 mult = 512; 546 break; 547 case 'k': case 'K': /* 1024-byte Kilobytes */ 548 mult = 1024; 549 break; 550 case 'm': case 'M': /* 1024-k kbytes */ 551 mult = 1024 * 1024; 552 break; 553 case 'g': case 'G': /* 1Gbyte */ 554 mult = 1024 * 1024 * 1024; 555 break; 556 case 't': case 'T': /* 1TBte */ 557 mult = 1024LL * 1024LL * 1024LL * 1024LL; 558 break; 559 } 560 s = e; 561 res += (tim * mult); 562 } 563 break; 564 case RLIMIT_NPROC: 565 case RLIMIT_NOFILE: 566 res = strtoq(s, &e, 0); 567 s = e; 568 break; 569 } 570 if (*s) 571 usage("invalid value -%c `%s'\n", ch, str); 572 } 573 return res; 574 } 575 576 577 static int 578 getshellbyname(const char * shell) 579 { 580 int i; 581 const char * q; 582 const char * p = strrchr(shell, '/'); 583 584 p = p ? ++p : shell; 585 for (i = 0; (q = shellparm[i].name) != NULL; i++) { 586 while (*q) { 587 int j = strcspn(q, "|"); 588 589 if (j == 0) 590 break; 591 if (strncmp(p, q, j) == 0) 592 return i; 593 if (*(q += j)) 594 ++q; 595 } 596 } 597 return SH_SH; 598 } 599 600 601 /* 602 * Determine the type of shell our parent process is 603 * This is quite tricky, not 100% reliable and probably 604 * not nearly as thorough as it should be. Basically, this 605 * is a "best guess" only, but hopefully will work in 606 * most cases. 607 */ 608 609 static int 610 getshelltype(void) 611 { 612 pid_t ppid = getppid(); 613 614 if (ppid != 1) { 615 FILE * fp; 616 struct stat st; 617 char procdir[MAXPATHLEN], buf[128]; 618 int l = sprintf(procdir, "/proc/%ld/", (long)ppid); 619 char * shell = getenv("SHELL"); 620 621 if (shell != NULL && stat(shell, &st) != -1) { 622 struct stat st1; 623 624 strcpy(procdir+l, "file"); 625 /* $SHELL is actual shell? */ 626 if (stat(procdir, &st1) != -1 && memcmp(&st, &st1, sizeof st) == 0) 627 return getshellbyname(shell); 628 } 629 strcpy(procdir+l, "status"); 630 if (stat(procdir, &st) == 0 && (fp = fopen(procdir, "r")) != NULL) { 631 char * p = fgets(buf, sizeof buf, fp)==NULL ? NULL : strtok(buf, " \t"); 632 fclose(fp); 633 if (p != NULL) 634 return getshellbyname(p); 635 } 636 } 637 return SH_SH; 638 } 639 640