1 /*- 2 * Copyright (c) 1997 by 3 * David L. Nugent <davidn@blaze.net.au> 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, is permitted provided that the following conditions 8 * are met: 9 * 1. Redistributions of source code must retain the above copyright 10 * notice immediately at the beginning of the file, without modification, 11 * this list of conditions, and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. This work was done expressly for inclusion into FreeBSD. Other use 16 * is permitted provided this notation is included. 17 * 4. Absolutely no warranty of function or purpose is made by the authors. 18 * 5. Modifications may be freely made to this file providing the above 19 * conditions are met. 20 * 21 * Display/change(+runprogram)/eval resource limits. 22 * 23 * $FreeBSD$ 24 */ 25 26 #include <err.h> 27 #include <stdio.h> 28 #include <string.h> 29 #include <sys/types.h> 30 #include <sys/stat.h> 31 #include <sys/param.h> 32 #include <stdlib.h> 33 #include <unistd.h> 34 #include <stdarg.h> 35 #include <stdint.h> 36 #include <ctype.h> 37 #include <errno.h> 38 #include <pwd.h> 39 #include <login_cap.h> 40 #include <sys/time.h> 41 #include <sys/resource.h> 42 43 enum 44 { 45 SH_NONE, 46 SH_SH, /* sh */ 47 SH_CSH, /* csh */ 48 SH_BASH, /* gnu bash */ 49 SH_TCSH, /* tcsh */ 50 SH_KSH, /* (pd)ksh */ 51 SH_ZSH, /* zsh */ 52 SH_RC, /* rc or es */ 53 SH_NUMBER 54 }; 55 56 57 /* eval emitter for popular shells. 58 * Why aren't there any standards here? Most shells support either 59 * the csh 'limit' or sh 'ulimit' command, but each varies just 60 * enough that they aren't very compatible from one to the other. 61 */ 62 static struct { 63 const char * name; /* Name of shell */ 64 const char * inf; /* Name used for 'unlimited' resource */ 65 const char * cmd; /* Intro text */ 66 const char * hard; /* Hard limit text */ 67 const char * soft; /* Soft limit text */ 68 const char * both; /* Hard+Soft limit text */ 69 struct { 70 const char * pfx; 71 const char * sfx; 72 int divisor; 73 } lprm[RLIM_NLIMITS]; 74 } shellparm[] = 75 { 76 { "", "infinity", "Resource limits%s%s:\n", "-max", "-cur", "", 77 { 78 { " cputime%-4s %8s", " secs\n", 1 }, 79 { " filesize%-4s %8s", " kb\n", 1024 }, 80 { " datasize%-4s %8s", " kb\n", 1024 }, 81 { " stacksize%-4s %8s", " kb\n", 1024 }, 82 { " coredumpsize%-4s %8s", " kb\n", 1024 }, 83 { " memoryuse%-4s %8s", " kb\n", 1024 }, 84 { " memorylocked%-4s %8s", " kb\n", 1024 }, 85 { " maxprocesses%-4s %8s", "\n", 1 }, 86 { " openfiles%-4s %8s", "\n", 1 }, 87 { " sbsize%-4s %8s", " bytes\n", 1 } 88 } 89 }, 90 { "sh", "unlimited", "", " -H", " -S", "", 91 { 92 { "ulimit%s -t %s", ";\n", 1 }, 93 { "ulimit%s -f %s", ";\n", 512 }, 94 { "ulimit%s -d %s", ";\n", 1024 }, 95 { "ulimit%s -s %s", ";\n", 1024 }, 96 { "ulimit%s -c %s", ";\n", 512 }, 97 { "ulimit%s -m %s", ";\n", 1024 }, 98 { "ulimit%s -l %s", ";\n", 1024 }, 99 { "ulimit%s -u %s", ";\n", 1 }, 100 { "ulimit%s -n %s", ";\n", 1 }, 101 { "ulimit%s -b %s", ";\n", 1 } 102 } 103 }, 104 { "csh", "unlimited", "", " -h", "", NULL, 105 { 106 { "limit%s cputime %s", ";\n", 1 }, 107 { "limit%s filesize %s", ";\n", 1024 }, 108 { "limit%s datasize %s", ";\n", 1024 }, 109 { "limit%s stacksize %s", ";\n", 1024 }, 110 { "limit%s coredumpsize %s", ";\n", 1024 }, 111 { "limit%s memoryuse %s", ";\n", 1024 }, 112 { "limit%s memorylocked %s", ";\n", 1024 }, 113 { "limit%s maxproc %s", ";\n", 1 }, 114 { "limit%s openfiles %s", ";\n", 1 }, 115 { "limit%s sbsize %s", ";\n", 1 } 116 } 117 }, 118 { "bash|bash2", "unlimited", "", " -H", " -S", "", 119 { 120 { "ulimit%s -t %s", ";\n", 1 }, 121 { "ulimit%s -f %s", ";\n", 1024 }, 122 { "ulimit%s -d %s", ";\n", 1024 }, 123 { "ulimit%s -s %s", ";\n", 1024 }, 124 { "ulimit%s -c %s", ";\n", 1024 }, 125 { "ulimit%s -m %s", ";\n", 1024 }, 126 { "ulimit%s -l %s", ";\n", 1024 }, 127 { "ulimit%s -u %s", ";\n", 1 }, 128 { "ulimit%s -n %s", ";\n", 1 }, 129 { "ulimit%s -b %s", ";\n", 1 } 130 } 131 }, 132 { "tcsh", "unlimited", "", " -h", "", NULL, 133 { 134 { "limit%s cputime %s", ";\n", 1 }, 135 { "limit%s filesize %s", ";\n", 1024 }, 136 { "limit%s datasize %s", ";\n", 1024 }, 137 { "limit%s stacksize %s", ";\n", 1024 }, 138 { "limit%s coredumpsize %s", ";\n", 1024 }, 139 { "limit%s memoryuse %s", ";\n", 1024 }, 140 { "limit%s memorylocked %s", ";\n", 1024 }, 141 { "limit%s maxproc %s", ";\n", 1 }, 142 { "limit%s descriptors %s", ";\n", 1 }, 143 { "limit%s sbsize %s", ";\n", 1 } 144 } 145 }, 146 { "ksh|pdksh", "unlimited", "", " -H", " -S", "", 147 { 148 { "ulimit%s -t %s", ";\n", 1 }, 149 { "ulimit%s -f %s", ";\n", 512 }, 150 { "ulimit%s -d %s", ";\n", 1024 }, 151 { "ulimit%s -s %s", ";\n", 1024 }, 152 { "ulimit%s -c %s", ";\n", 512 }, 153 { "ulimit%s -m %s", ";\n", 1024 }, 154 { "ulimit%s -l %s", ";\n", 1024 }, 155 { "ulimit%s -p %s", ";\n", 1 }, 156 { "ulimit%s -n %s", ";\n", 1 }, 157 { "ulimit%s -b %s", ";\n", 1 } 158 } 159 }, 160 { "zsh", "unlimited", "", " -H", " -S", "", 161 { 162 { "ulimit%s -t %s", ";\n", 1 }, 163 { "ulimit%s -f %s", ";\n", 512 }, 164 { "ulimit%s -d %s", ";\n", 1024 }, 165 { "ulimit%s -s %s", ";\n", 1024 }, 166 { "ulimit%s -c %s", ";\n", 512 }, 167 { "ulimit%s -m %s", ";\n", 1024 }, 168 { "ulimit%s -l %s", ";\n", 1024 }, 169 { "ulimit%s -u %s", ";\n", 1 }, 170 { "ulimit%s -n %s", ";\n", 1 }, 171 { "ulimit%s -b %s", ";\n", 1 } 172 } 173 }, 174 { "rc|es", "unlimited", "", " -h", "", NULL, 175 { 176 { "limit%s cputime %s", ";\n", 1 }, 177 { "limit%s filesize %s", ";\n", 1024 }, 178 { "limit%s datasize %s", ";\n", 1024 }, 179 { "limit%s stacksize %s", ";\n", 1024 }, 180 { "limit%s coredumpsize %s", ";\n", 1024 }, 181 { "limit%s memoryuse %s", ";\n", 1024 }, 182 { "limit%s lockedmemory %s", ";\n", 1024 }, 183 { "limit%s processes %s", ";\n", 1 }, 184 { "limit%s descriptors %s", ";\n", 1 }, 185 { "limit%s sbsize %s", ";\n", 1 } 186 } 187 }, 188 { NULL, NULL, NULL, NULL, NULL, NULL, 189 { } 190 } 191 }; 192 193 static struct { 194 const char * cap; 195 rlim_t (*func)(login_cap_t *, const char *, rlim_t, rlim_t); 196 } resources[RLIM_NLIMITS] = { 197 { "cputime", login_getcaptime }, 198 { "filesize", login_getcapsize }, 199 { "datasize", login_getcapsize }, 200 { "stacksize", login_getcapsize }, 201 { "coredumpsize", login_getcapsize }, 202 { "memoryuse", login_getcapsize }, 203 { "memorylocked", login_getcapsize }, 204 { "maxproc", login_getcapnum }, 205 { "openfiles", login_getcapnum }, 206 { "sbsize", login_getcapsize } 207 }; 208 209 /* 210 * One letter for each resource levels. 211 * NOTE: There is a dependancy on the corresponding 212 * letter index being equal to the resource number. 213 * If sys/resource.h defines are changed, this needs 214 * to be modified accordingly! 215 */ 216 217 #define RCS_STRING "tfdscmlunb" 218 219 static rlim_t resource_num(int which, int ch, const char *str); 220 static void usage(void); 221 static int getshelltype(void); 222 static void print_limit(rlim_t limit, unsigned divisor, const char *inf, 223 const char *pfx, const char *sfx, const char *which); 224 extern char **environ; 225 226 static const char rcs_string[] = RCS_STRING; 227 228 int 229 main(int argc, char *argv[]) 230 { 231 char *p, *cls = NULL; 232 char *cleanenv[1]; 233 struct passwd * pwd = NULL; 234 int rcswhich, shelltype; 235 int i, num_limits = 0; 236 int ch, doeval = 0, doall = 0; 237 login_cap_t * lc = NULL; 238 enum { ANY=0, SOFT=1, HARD=2, BOTH=3, DISPLAYONLY=4 } type = ANY; 239 enum { RCSUNKNOWN=0, RCSSET=1, RCSSEL=2 } todo = RCSUNKNOWN; 240 int which_limits[RLIM_NLIMITS]; 241 rlim_t set_limits[RLIM_NLIMITS]; 242 struct rlimit limits[RLIM_NLIMITS]; 243 244 /* init resource tables */ 245 for (i = 0; i < RLIM_NLIMITS; i++) { 246 which_limits[i] = 0; /* Don't set/display any */ 247 set_limits[i] = RLIM_INFINITY; 248 /* Get current resource values */ 249 getrlimit(i, &limits[i]); 250 } 251 252 optarg = NULL; 253 while ((ch = getopt(argc, argv, ":EeC:U:BSHabc:d:f:l:m:n:s:t:u:")) != -1) { 254 switch(ch) { 255 case 'a': 256 doall = 1; 257 break; 258 case 'E': 259 environ = cleanenv; 260 cleanenv[0] = NULL; 261 break; 262 case 'e': 263 doeval = 1; 264 break; 265 case 'C': 266 cls = optarg; 267 break; 268 case 'U': 269 if ((pwd = getpwnam(optarg)) == NULL) { 270 if (!isdigit(*optarg) || 271 (pwd = getpwuid(atoi(optarg))) == NULL) { 272 warnx("invalid user `%s'", optarg); 273 usage(); 274 } 275 } 276 break; 277 case 'H': 278 type = HARD; 279 break; 280 case 'S': 281 type = SOFT; 282 break; 283 case 'B': 284 type = SOFT|HARD; 285 break; 286 default: 287 case ':': /* Without arg */ 288 if ((p = strchr(rcs_string, optopt)) != NULL) { 289 int rcswhich1 = p - rcs_string; 290 if (optarg && *optarg == '-') { /* 'arg' is actually a switch */ 291 --optind; /* back one arg, and make arg NULL */ 292 optarg = NULL; 293 } 294 todo = optarg == NULL ? RCSSEL : RCSSET; 295 if (type == ANY) 296 type = BOTH; 297 which_limits[rcswhich1] = optarg ? type : DISPLAYONLY; 298 set_limits[rcswhich1] = resource_num(rcswhich1, optopt, optarg); 299 num_limits++; 300 break; 301 } 302 /* FALLTHRU */ 303 case '?': 304 usage(); 305 } 306 optarg = NULL; 307 } 308 309 /* If user was specified, get class from that */ 310 if (pwd != NULL) 311 lc = login_getpwclass(pwd); 312 else if (cls != NULL && *cls != '\0') { 313 lc = login_getclassbyname(cls, NULL); 314 if (lc == NULL || strcmp(cls, lc->lc_class) != 0) 315 fprintf(stderr, "login class '%s' non-existent, using %s\n", 316 cls, lc?lc->lc_class:"current settings"); 317 } 318 319 /* If we have a login class, update resource table from that */ 320 if (lc != NULL) { 321 for (rcswhich = 0; rcswhich < RLIM_NLIMITS; rcswhich++) { 322 char str[40]; 323 rlim_t val; 324 325 /* current value overridden by resourcename or resourcename-cur */ 326 sprintf(str, "%s-cur", resources[rcswhich].cap); 327 val = resources[rcswhich].func(lc, resources[rcswhich].cap, limits[rcswhich].rlim_cur, limits[rcswhich].rlim_cur); 328 limits[rcswhich].rlim_cur = resources[rcswhich].func(lc, str, val, val); 329 /* maximum value overridden by resourcename or resourcename-max */ 330 sprintf(str, "%s-max", resources[rcswhich].cap); 331 val = resources[rcswhich].func(lc, resources[rcswhich].cap, limits[rcswhich].rlim_max, limits[rcswhich].rlim_max); 332 limits[rcswhich].rlim_max = resources[rcswhich].func(lc, str, val, val); 333 } 334 } 335 336 /* now, let's determine what we wish to do with all this */ 337 338 argv += optind; 339 340 /* If we're setting limits or doing an eval (ie. we're not just 341 * displaying), then check that hard limits are not lower than 342 * soft limits, and force rasing the hard limit if we need to if 343 * we are raising the soft limit, or lower the soft limit if we 344 * are lowering the hard limit. 345 */ 346 if ((*argv || doeval) && getuid() == 0) { 347 348 for (rcswhich = 0; rcswhich < RLIM_NLIMITS; rcswhich++) { 349 if (limits[rcswhich].rlim_max != RLIM_INFINITY) { 350 if (limits[rcswhich].rlim_cur == RLIM_INFINITY) { 351 limits[rcswhich].rlim_max = RLIM_INFINITY; 352 which_limits[rcswhich] |= HARD; 353 } else if (limits[rcswhich].rlim_cur > limits[rcswhich].rlim_max) { 354 if (which_limits[rcswhich] == SOFT) { 355 limits[rcswhich].rlim_max = limits[rcswhich].rlim_cur; 356 which_limits[rcswhich] |= HARD; 357 } else if (which_limits[rcswhich] == HARD) { 358 limits[rcswhich].rlim_cur = limits[rcswhich].rlim_max; 359 which_limits[rcswhich] |= SOFT; 360 } else { 361 /* else.. if we're specifically setting both to 362 * silly values, then let it error out. 363 */ 364 } 365 } 366 } 367 } 368 } 369 370 /* See if we've overridden anything specific on the command line */ 371 if (num_limits && todo == RCSSET) { 372 for (rcswhich = 0; rcswhich < RLIM_NLIMITS; rcswhich++) { 373 if (which_limits[rcswhich] & HARD) 374 limits[rcswhich].rlim_max = set_limits[rcswhich]; 375 if (which_limits[rcswhich] & SOFT) 376 limits[rcswhich].rlim_cur = set_limits[rcswhich]; 377 } 378 } 379 380 /* If *argv is not NULL, then we are being asked to 381 * (perhaps) set environment variables and run a program 382 */ 383 if (*argv) { 384 if (doeval) { 385 warnx("-e cannot be used with `cmd' option"); 386 usage(); 387 } 388 389 login_close(lc); 390 391 /* set leading environment variables, like eval(1) */ 392 while (*argv && (p = strchr(*argv, '='))) 393 (void)setenv(*argv++, ++p, 1); 394 395 /* Set limits */ 396 for (rcswhich = 0; rcswhich < RLIM_NLIMITS; rcswhich++) { 397 if (doall || num_limits == 0 || which_limits[rcswhich] != 0) 398 if (setrlimit(rcswhich, &limits[rcswhich]) == -1) 399 err(1, "setrlimit %s", resources[rcswhich].cap); 400 } 401 402 if (*argv == NULL) 403 usage(); 404 405 execvp(*argv, argv); 406 err(1, "%s", *argv); 407 } 408 409 shelltype = doeval ? getshelltype() : SH_NONE; 410 411 if (type == ANY) /* Default to soft limits */ 412 type = SOFT; 413 414 /* Display limits */ 415 printf(shellparm[shelltype].cmd, 416 lc ? " for class " : " (current)", 417 lc ? lc->lc_class : ""); 418 419 for (rcswhich = 0; rcswhich < RLIM_NLIMITS; rcswhich++) { 420 if (doall || num_limits == 0 || which_limits[rcswhich] != 0) { 421 if (which_limits[rcswhich] == ANY || which_limits[rcswhich]) 422 which_limits[rcswhich] = type; 423 if (shellparm[shelltype].lprm[rcswhich].pfx) { 424 if (shellparm[shelltype].both && limits[rcswhich].rlim_cur == limits[rcswhich].rlim_max) { 425 print_limit(limits[rcswhich].rlim_max, 426 shellparm[shelltype].lprm[rcswhich].divisor, 427 shellparm[shelltype].inf, 428 shellparm[shelltype].lprm[rcswhich].pfx, 429 shellparm[shelltype].lprm[rcswhich].sfx, 430 shellparm[shelltype].both); 431 } else { 432 if (which_limits[rcswhich] & HARD) { 433 print_limit(limits[rcswhich].rlim_max, 434 shellparm[shelltype].lprm[rcswhich].divisor, 435 shellparm[shelltype].inf, 436 shellparm[shelltype].lprm[rcswhich].pfx, 437 shellparm[shelltype].lprm[rcswhich].sfx, 438 shellparm[shelltype].hard); 439 } 440 if (which_limits[rcswhich] & SOFT) { 441 print_limit(limits[rcswhich].rlim_cur, 442 shellparm[shelltype].lprm[rcswhich].divisor, 443 shellparm[shelltype].inf, 444 shellparm[shelltype].lprm[rcswhich].pfx, 445 shellparm[shelltype].lprm[rcswhich].sfx, 446 shellparm[shelltype].soft); 447 } 448 } 449 } 450 } 451 } 452 453 login_close(lc); 454 exit(EXIT_SUCCESS); 455 } 456 457 458 static void 459 usage(void) 460 { 461 (void)fprintf(stderr, 462 "usage: limits [-C class|-U user] [-eaSHBE] [-bcdflmnstu [val]] [[name=val ...] cmd]\n"); 463 exit(EXIT_FAILURE); 464 } 465 466 static void 467 print_limit(rlim_t limit, unsigned divisor, const char * inf, const char * pfx, const char * sfx, const char * which) 468 { 469 char numbr[64]; 470 471 if (limit == RLIM_INFINITY) 472 strcpy(numbr, inf); 473 else 474 sprintf(numbr, "%jd", (intmax_t)((limit + divisor/2) / divisor)); 475 printf(pfx, which, numbr); 476 printf(sfx, which); 477 478 } 479 480 481 static rlim_t 482 resource_num(int which, int ch, const char *str) 483 { 484 rlim_t res = RLIM_INFINITY; 485 486 if (str != NULL && 487 !(strcasecmp(str, "inf") == 0 || 488 strcasecmp(str, "infinity") == 0 || 489 strcasecmp(str, "unlimit") == 0 || 490 strcasecmp(str, "unlimited") == 0)) { 491 const char * s = str; 492 char *e; 493 494 switch (which) { 495 case RLIMIT_CPU: /* time values */ 496 errno = 0; 497 res = 0; 498 while (*s) { 499 rlim_t tim = strtoq(s, &e, 0); 500 if (e == NULL || e == s || errno) 501 break; 502 switch (*e++) { 503 case 0: /* end of string */ 504 e--; 505 default: 506 case 's': case 'S': /* seconds */ 507 break; 508 case 'm': case 'M': /* minutes */ 509 tim *= 60L; 510 break; 511 case 'h': case 'H': /* hours */ 512 tim *= (60L * 60L); 513 break; 514 case 'd': case 'D': /* days */ 515 tim *= (60L * 60L * 24L); 516 break; 517 case 'w': case 'W': /* weeks */ 518 tim *= (60L * 60L * 24L * 7L); 519 case 'y': case 'Y': /* Years */ 520 tim *= (60L * 60L * 24L * 365L); 521 } 522 s = e; 523 res += tim; 524 } 525 break; 526 case RLIMIT_FSIZE: /* Size values */ 527 case RLIMIT_DATA: 528 case RLIMIT_STACK: 529 case RLIMIT_CORE: 530 case RLIMIT_RSS: 531 case RLIMIT_MEMLOCK: 532 errno = 0; 533 res = 0; 534 while (*s) { 535 rlim_t mult, tim = strtoq(s, &e, 0); 536 if (e == NULL || e == s || errno) 537 break; 538 switch (*e++) { 539 case 0: /* end of string */ 540 e--; 541 default: 542 mult = 1; 543 break; 544 case 'b': case 'B': /* 512-byte blocks */ 545 mult = 512; 546 break; 547 case 'k': case 'K': /* 1024-byte Kilobytes */ 548 mult = 1024; 549 break; 550 case 'm': case 'M': /* 1024-k kbytes */ 551 mult = 1024 * 1024; 552 break; 553 case 'g': case 'G': /* 1Gbyte */ 554 mult = 1024 * 1024 * 1024; 555 break; 556 case 't': case 'T': /* 1TBte */ 557 mult = 1024LL * 1024LL * 1024LL * 1024LL; 558 break; 559 } 560 s = e; 561 res += (tim * mult); 562 } 563 break; 564 case RLIMIT_NPROC: 565 case RLIMIT_NOFILE: 566 res = strtoq(s, &e, 0); 567 s = e; 568 break; 569 } 570 if (*s) { 571 warnx("invalid value -%c `%s'", ch, str); 572 usage(); 573 } 574 } 575 return res; 576 } 577 578 579 static int 580 getshellbyname(const char * shell) 581 { 582 int i; 583 const char * q; 584 const char * p = strrchr(shell, '/'); 585 586 p = p ? p+1 : shell; 587 for (i = 0; (q = shellparm[i].name) != NULL; i++) { 588 while (*q) { 589 int j = strcspn(q, "|"); 590 591 if (j == 0) 592 break; 593 if (strncmp(p, q, j) == 0) 594 return i; 595 if (*(q += j)) 596 ++q; 597 } 598 } 599 return SH_SH; 600 } 601 602 603 /* 604 * Determine the type of shell our parent process is 605 * This is quite tricky, not 100% reliable and probably 606 * not nearly as thorough as it should be. Basically, this 607 * is a "best guess" only, but hopefully will work in 608 * most cases. 609 */ 610 611 static int 612 getshelltype(void) 613 { 614 pid_t ppid = getppid(); 615 616 if (ppid != 1) { 617 FILE * fp; 618 struct stat st; 619 char procdir[MAXPATHLEN], buf[128]; 620 int l = sprintf(procdir, "/proc/%ld/", (long)ppid); 621 char * shell = getenv("SHELL"); 622 623 if (shell != NULL && stat(shell, &st) != -1) { 624 struct stat st1; 625 626 strcpy(procdir+l, "file"); 627 /* $SHELL is actual shell? */ 628 if (stat(procdir, &st1) != -1 && memcmp(&st, &st1, sizeof st) == 0) 629 return getshellbyname(shell); 630 } 631 strcpy(procdir+l, "status"); 632 if (stat(procdir, &st) == 0 && (fp = fopen(procdir, "r")) != NULL) { 633 char * p = fgets(buf, sizeof buf, fp)==NULL ? NULL : strtok(buf, " \t"); 634 fclose(fp); 635 if (p != NULL) 636 return getshellbyname(p); 637 } 638 } 639 return SH_SH; 640 } 641 642