[hackers] Re: [quark][PATCH] Raise RLIMIT_NPROC only if maxnprocs higher than current limits

From: Armin Friedl <dev_AT_friedl.net>
Date: Mon, 17 Aug 2020 23:10:07 +0200

Sorry for the spam. My sendmail wasn't set up correctly and went rogue
when it started to work.

On 8/17/20 10:58 PM, Armin Friedl wrote:
> Currently, maxnprocs may actually lower the limit. Especially when using the
> default limit of 512, this quickly causes quark's fork() to fail when started
> with a non-exclusive user.
>
> To mitigate this, we respect system defaults and only raise the limit if it is
> an actual raise.
> ---
> main.c | 25 +++++++++++++++----------
> 1 file changed, 15 insertions(+), 10 deletions(-)
>
> diff --git a/main.c b/main.c
> index 0542fab..0c43584 100644
> --- a/main.c
> +++ b/main.c
> _AT_@ -285,16 +285,21 @@ main(int argc, char *argv[])
> }
>
> /* raise the process limit */
> - rlim.rlim_cur = rlim.rlim_max = maxnprocs;
> - if (setrlimit(RLIMIT_NPROC, &rlim) < 0) {
> - die("setrlimit RLIMIT_NPROC:");
> - }
> -
> - /* validate user and group */
> - errno = 0;
> - if (!user || !(pwd = getpwnam(user))) {
> - die("getpwnam '%s': %s", user ? user : "null",
> - errno ? strerror(errno) : "Entry not found");
> + if (getrlimit(RLIMIT_NPROC, &rlim) < 0) {
> + die("getrlimit RLIMIT_NPROC:");
> + }
> +
> + rlim.rlim_cur = MAX(rlim.rlim_cur, maxnprocs);
> + rlim.rlim_max = MAX(rlim.rlim_max, maxnprocs);
> + if (setrlimit(RLIMIT_NPROC, &rlim) < 0) {
> + die("setrlimit RLIMIT_NPROC:");
> + }
> +
> + /* validate user and group */
> + errno = 0;
> + if (!user || !(pwd = getpwnam(user))) {
> + die("getpwnam '%s': %s", user ? user : "null",
> + errno ? strerror(errno) : "Entry not found");
> }
> errno = 0;
> if (!group || !(grp = getgrnam(group))) {
>
Received on Mon Aug 17 2020 - 23:10:07 CEST