summaryrefslogtreecommitdiff
path: root/session.c
diff options
context:
space:
mode:
Diffstat (limited to 'session.c')
-rw-r--r--session.c58
1 files changed, 58 insertions, 0 deletions
diff --git a/session.c b/session.c
index 29956777f..1f0d227d0 100644
--- a/session.c
+++ b/session.c
@@ -9,6 +9,9 @@
9 9
10#include "includes.h" 10#include "includes.h"
11RCSID("$OpenBSD: session.c,v 1.20 2000/06/18 04:42:54 markus Exp $"); 11RCSID("$OpenBSD: session.c,v 1.20 2000/06/18 04:42:54 markus Exp $");
12#if defined(HAVE_USERSEC_H)
13#include <usersec.h>
14#endif
12 15
13#include "xmalloc.h" 16#include "xmalloc.h"
14#include "ssh.h" 17#include "ssh.h"
@@ -789,6 +792,57 @@ void do_pam_environment(char ***env, int *envsize)
789} 792}
790#endif /* USE_PAM */ 793#endif /* USE_PAM */
791 794
795#if defined(HAVE_GETUSERATTR)
796/*
797 * AIX-specific login initialisation
798 */
799void set_limit(char *user, char *soft, char *hard, int resource, int mult)
800{
801 struct rlimit rlim;
802 rlim_t tlim;
803 int mask;
804
805 getrlimit(resource, &rlim);
806
807 tlim = (rlim_t) 0;
808 if (getuserattr(user, soft, &tlim, SEC_INT) != -1 && tlim)
809 rlim.rlim_cur = tlim * mult;
810
811 tlim = (rlim_t) 0;
812 if (getuserattr(user, hard, &tlim, SEC_INT) != -1 && tlim)
813 rlim.rlim_max = tlim * mult;
814
815 if (rlim.rlim_cur > rlim.rlim_max)
816 rlim.rlim_max = rlim.rlim_cur;
817
818 if (setrlimit(resource, &rlim) != 0)
819 error("setrlimit(%.10s) failed: %.100s", soft, strerror(errno))
820}
821
822void set_limits_from_userattr(char *user)
823{
824 int mask;
825 char buf[16];
826
827 set_limit(user, S_UFSIZE, S_UFSIZE_HARD, RLIMIT_FSIZE, 512);
828 set_limit(user, S_UCPU, S_UCPU_HARD, RLIMIT_CPU, 1);
829 set_limit(user, S_UDATA, S_UDATA_HARD, RLIMIT_DATA, 512);
830 set_limit(user, S_USTACK, S_USTACK_HARD, RLIMIT_STACK, 512);
831 set_limit(user, S_URSS, S_URSS_HARD, RLIMIT_RSS, 512);
832 set_limit(user, S_UCORE, S_UCORE_HARD, RLIMIT_CORE, 512);
833#if defined(S_UNOFILE)
834 set_limit(user, S_UNOFILE, S_UNOFILE_HARD, RLIMIT_NOFILE, 1);
835#endif
836
837 if (getuserattr(user, S_UMASK, &mask, SEC_INT) != -1) {
838 /* Convert decimal to octal */
839 (void) snprintf(buf, sizeof(buf), "%d", mask);
840 if (sscanf(buf, "%o", &mask) == 1)
841 umask(mask);
842 }
843}
844#endif /* defined(HAVE_GETUSERATTR) */
845
792/* 846/*
793 * Performs common processing for the child, such as setting up the 847 * Performs common processing for the child, such as setting up the
794 * environment, closing extra file descriptors, setting the user and group 848 * environment, closing extra file descriptors, setting the user and group
@@ -855,6 +909,10 @@ do_child(const char *command, struct passwd * pw, const char *term,
855 } 909 }
856#else /* HAVE_OSF_SIA */ 910#else /* HAVE_OSF_SIA */
857 if (getuid() == 0 || geteuid() == 0) { 911 if (getuid() == 0 || geteuid() == 0) {
912#if defined(HAVE_GETUSERATTR)
913 set_limits_from_userattr(pw->pw_name);
914#endif /* defined(HAVE_GETUSERATTR) */
915
858 if (setgid(pw->pw_gid) < 0) { 916 if (setgid(pw->pw_gid) < 0) {
859 perror("setgid"); 917 perror("setgid");
860 exit(1); 918 exit(1);