~azzar1/unity/add-show-desktop-key

Viewing changes to trampoline/trampoline.c

Committer: dcoles
Date: 2008-08-27 06:00:10 UTC
Revision ID: svn-v3-trunk0:2b9c9e99-6f39-0410-b283-7f802c844ae2:trunk:1042

Trampoline: Marked the code as _XOPEN_SOURCE feature test macro so that we can
use -ansi -Wall (or gnuc) and not get horrible warnings. (We are basically just
using POSIX.1 + chroot features here). Also restructured the code flow a tiny
bit (daemonize is now the last thing called since we want to return any errors
before we fork away from the parent)

files modified:
trampoline/trampoline.c

Show diffs side-by-side

added added

removed removed

trampoline/trampoline.c

* sudo chown root:root trampoline; sudo chroot +s trampoline

#define _XOPEN_SOURCE

#include <stdio.h>

#include <stdlib.h>

#include <string.h>

201

203

#endif /* IVLE_AUFS_JAILS */

202

204

203

205

/* Unsets any signal mask applied by the parent process */

204

void unmask_signals()

206

int unmask_signals(void)

205

207

{

208

int result;

206

209

sigset_t* sigset;

207

210

sigset = die_if_null(malloc(sizeof(sigset_t)));

208

211

sigemptyset(sigset);

209

sigprocmask(SIG_SETMASK, sigset, NULL);

212

result = sigprocmask(SIG_SETMASK, sigset, NULL);

210

213

free(sigset);

214

printf("%d", result);

215

return result;

211

216

}

212

217

213

218

int main(int argc, char* const argv[])

245

250

arg_num++;

246

251

}

247

252

248

unmask_signals();

249

250

253

if (strcmp(argv[arg_num], "-u") == 0)

251

254

{

252

255

if (argc < 6)

322

325

exit(1);

323

326

}

324

327

325

if (daemon_mode)

326

{

327

daemonize();

328

}

329

330

328

/* set user resource limits */

331

329

if (!unlimited)

332

330

{

333

331

struct rlimit l;

334

/* Process data segment in memory */

332

/* Process adress space in memory */

335

333

l.rlim_cur = 192 * 1024 * 1024; /* 192MiB */

336

334

l.rlim_max = 256 * 1024 * 1024; /* 256MiB */

337

335

if (setrlimit(RLIMIT_AS, &l))

339

337

perror("could not setrlimit/RLIMIT_AS");

340

338

exit(1);

341

339

}

340

341

/* Process data segment in memory

342

* Note: This requires a kernel patch to work correctly otherwise it is

343

* ineffective (thus you are only limited by RLIMIT_AS)

344

345

l.rlim_cur = 192 * 1024 * 1024; /* 192MiB */

346

l.rlim_max = 256 * 1024 * 1024; /* 256MiB */

347

if (setrlimit(RLIMIT_DATA, &l))

348

{

349

perror("could not setrlimit/RLIMIT_DATA");

350

exit(1);

351

}

342

352

343

353

/* Core */

344

l.rlim_cur = 0;

345

l.rlim_max = 0;

354

l.rlim_cur = 0; /* No core files */

355

l.rlim_max = 0; /* No core files */

346

356

if (setrlimit(RLIMIT_CORE, &l))

347

357

{

348

358

perror("could not setrlimit/RLIMIT_CORE");

350

360

}

351

361

352

362

/* CPU */

353

l.rlim_cur = 25;

354

l.rlim_max = 30;

363

l.rlim_cur = 25; /* 25 Seconds */

364

l.rlim_max = 30; /* 30 Seconds */

355

365

if (setrlimit(RLIMIT_CPU, &l))

356

366

{

357

367

perror("could not setrlimit/RLIMIT_CPU");

359

369

}

360

370

361

371

/* File Size */

362

l.rlim_cur = 64 * 1024 * 1024; /* 64Mb */

363

l.rlim_max = 72 * 1024 * 1024; /* 72Mb */

364

if (setrlimit(RLIMIT_FSIZE, &l))

372

l.rlim_cur = 64 * 1024 * 1024; /* 64MiB */

373

l.rlim_max = 72 * 1024 * 1024; /* 72MiB */

374

if (setrlimit(RLIMIT_FSIZE, &l))

365

375

{

366

376

perror("could not setrlimit/RLIMIT_FSIZE");

367

377

exit(1);

368

378

}

369

379

}

370

380

381

/* Remove any signal handler masks so we can send signals to the child */

382

if(unmask_signals())

383

{

384

perror("could not unmask signals");

385

exit(1);

386

}

387

388

/* If everything was OK daemonize (if required) */

389

if (daemon_mode)

390

{

391

daemonize();

392

}

393

371

394

/* exec (replace this process with the a new instance of the target

372

395

* program). Pass along all the arguments.

373

396

* Note that for script execution, the "program" will be the interpreter,

Older »