mirror of
https://github.com/sheumann/hush.git
synced 2025-01-18 07:31:34 +00:00
chpst: stop using data/bss
function old new delta chpst_main 1066 1089 +23 set_user 4 - -4 root 4 - -4 nicelvl 4 - -4 limitt 4 - -4 limits 196 192 -4 limitr 4 - -4 limitp 4 - -4 limito 4 - -4 limitl 4 - -4 limitf 4 - -4 limitd 4 - -4 limitc 4 - -4 limita 4 - -4 env_user 4 - -4 env_dir 4 - -4 ------------------------------------------------------------------------------ (add/remove: 0/14 grow/shrink: 1/1 up/down: 23/-60) Total: -37 bytes text data bss dec hex filename 770892 1029 9520 781441 bec81 busybox_old 770916 989 9496 781401 bec59 busybox_unstripped
This commit is contained in:
parent
91e5203205
commit
23e3e25df6
128
runit/chpst.c
128
runit/chpst.c
@ -39,21 +39,43 @@ ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|||||||
#define OPT_nostdout (option_mask32 & 0x10000)
|
#define OPT_nostdout (option_mask32 & 0x10000)
|
||||||
#define OPT_nostderr (option_mask32 & 0x20000)
|
#define OPT_nostderr (option_mask32 & 0x20000)
|
||||||
|
|
||||||
static char *set_user;
|
struct globals {
|
||||||
static char *env_user;
|
char *set_user;
|
||||||
static const char *env_dir;
|
char *env_user;
|
||||||
static long limitd = -2;
|
const char *env_dir;
|
||||||
static long limits = -2;
|
const char *root;
|
||||||
static long limitl = -2;
|
long limitd; /* limitX are initialized to -2 */
|
||||||
static long limita = -2;
|
long limits;
|
||||||
static long limito = -2;
|
long limitl;
|
||||||
static long limitp = -2;
|
long limita;
|
||||||
static long limitf = -2;
|
long limito;
|
||||||
static long limitc = -2;
|
long limitp;
|
||||||
static long limitr = -2;
|
long limitf;
|
||||||
static long limitt = -2;
|
long limitc;
|
||||||
static int nicelvl;
|
long limitr;
|
||||||
static const char *root;
|
long limitt;
|
||||||
|
int nicelvl;
|
||||||
|
};
|
||||||
|
#define G (*(struct globals*)&bb_common_bufsiz1)
|
||||||
|
#define set_user (G.set_user)
|
||||||
|
#define env_user (G.env_user)
|
||||||
|
#define env_dir (G.env_dir )
|
||||||
|
#define root (G.root )
|
||||||
|
#define limitd (G.limitd )
|
||||||
|
#define limits (G.limits )
|
||||||
|
#define limitl (G.limitl )
|
||||||
|
#define limita (G.limita )
|
||||||
|
#define limito (G.limito )
|
||||||
|
#define limitp (G.limitp )
|
||||||
|
#define limitf (G.limitf )
|
||||||
|
#define limitc (G.limitc )
|
||||||
|
#define limitr (G.limitr )
|
||||||
|
#define limitt (G.limitt )
|
||||||
|
#define nicelvl (G.nicelvl )
|
||||||
|
#define INIT_G() do { \
|
||||||
|
long *p = &limitd; \
|
||||||
|
do *p++ = -2; while (p <= &limitt); \
|
||||||
|
} while (0)
|
||||||
|
|
||||||
static void suidgid(char *user)
|
static void suidgid(char *user)
|
||||||
{
|
{
|
||||||
@ -100,7 +122,8 @@ static void edir(const char *directory_name)
|
|||||||
directory_name);
|
directory_name);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
if (d->d_name[0] == '.') continue;
|
if (d->d_name[0] == '.')
|
||||||
|
continue;
|
||||||
fd = open(d->d_name, O_RDONLY | O_NDELAY);
|
fd = open(d->d_name, O_RDONLY | O_NDELAY);
|
||||||
if (fd < 0) {
|
if (fd < 0) {
|
||||||
if ((errno == EISDIR) && env_dir) {
|
if ((errno == EISDIR) && env_dir) {
|
||||||
@ -129,9 +152,9 @@ static void edir(const char *directory_name)
|
|||||||
tail = memchr(buf, '\n', sizeof(buf));
|
tail = memchr(buf, '\n', sizeof(buf));
|
||||||
/* skip trailing whitespace */;
|
/* skip trailing whitespace */;
|
||||||
while (1) {
|
while (1) {
|
||||||
if (tail[0]==' ') tail[0] = '\0';
|
if (tail[0] == ' ') tail[0] = '\0';
|
||||||
if (tail[0]=='\t') tail[0] = '\0';
|
if (tail[0] == '\t') tail[0] = '\0';
|
||||||
if (tail[0]=='\n') tail[0] = '\0';
|
if (tail[0] == '\n') tail[0] = '\0';
|
||||||
if (tail == buf) break;
|
if (tail == buf) break;
|
||||||
tail--;
|
tail--;
|
||||||
}
|
}
|
||||||
@ -139,7 +162,8 @@ static void edir(const char *directory_name)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
closedir(dir);
|
closedir(dir);
|
||||||
if (fchdir(wdir) == -1) bb_perror_msg_and_die("fchdir");
|
if (fchdir(wdir) == -1)
|
||||||
|
bb_perror_msg_and_die("fchdir");
|
||||||
close(wdir);
|
close(wdir);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -147,12 +171,14 @@ static void limit(int what, long l)
|
|||||||
{
|
{
|
||||||
struct rlimit r;
|
struct rlimit r;
|
||||||
|
|
||||||
if (getrlimit(what, &r) == -1) bb_perror_msg_and_die("getrlimit");
|
if (getrlimit(what, &r) == -1)
|
||||||
|
bb_perror_msg_and_die("getrlimit");
|
||||||
if ((l < 0) || (l > r.rlim_max))
|
if ((l < 0) || (l > r.rlim_max))
|
||||||
r.rlim_cur = r.rlim_max;
|
r.rlim_cur = r.rlim_max;
|
||||||
else
|
else
|
||||||
r.rlim_cur = l;
|
r.rlim_cur = l;
|
||||||
if (setrlimit(what, &r) == -1) bb_perror_msg_and_die("setrlimit");
|
if (setrlimit(what, &r) == -1)
|
||||||
|
bb_perror_msg_and_die("setrlimit");
|
||||||
}
|
}
|
||||||
|
|
||||||
static void slimit(void)
|
static void slimit(void)
|
||||||
@ -161,24 +187,27 @@ static void slimit(void)
|
|||||||
#ifdef RLIMIT_DATA
|
#ifdef RLIMIT_DATA
|
||||||
limit(RLIMIT_DATA, limitd);
|
limit(RLIMIT_DATA, limitd);
|
||||||
#else
|
#else
|
||||||
if (OPT_verbose) bb_error_msg("system does not support %s",
|
if (OPT_verbose)
|
||||||
"RLIMIT_DATA");
|
bb_error_msg("system does not support RLIMIT_%s",
|
||||||
|
"DATA");
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
if (limits >= -1) {
|
if (limits >= -1) {
|
||||||
#ifdef RLIMIT_STACK
|
#ifdef RLIMIT_STACK
|
||||||
limit(RLIMIT_STACK, limits);
|
limit(RLIMIT_STACK, limits);
|
||||||
#else
|
#else
|
||||||
if (OPT_verbose) bb_error_msg("system does not support %s",
|
if (OPT_verbose)
|
||||||
"RLIMIT_STACK");
|
bb_error_msg("system does not support RLIMIT_%s",
|
||||||
|
"STACK");
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
if (limitl >= -1) {
|
if (limitl >= -1) {
|
||||||
#ifdef RLIMIT_MEMLOCK
|
#ifdef RLIMIT_MEMLOCK
|
||||||
limit(RLIMIT_MEMLOCK, limitl);
|
limit(RLIMIT_MEMLOCK, limitl);
|
||||||
#else
|
#else
|
||||||
if (OPT_verbose) bb_error_msg("system does not support %s",
|
if (OPT_verbose)
|
||||||
"RLIMIT_MEMLOCK");
|
bb_error_msg("system does not support RLIMIT_%s",
|
||||||
|
"MEMLOCK");
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
if (limita >= -1) {
|
if (limita >= -1) {
|
||||||
@ -189,8 +218,8 @@ static void slimit(void)
|
|||||||
limit(RLIMIT_AS, limita);
|
limit(RLIMIT_AS, limita);
|
||||||
#else
|
#else
|
||||||
if (OPT_verbose)
|
if (OPT_verbose)
|
||||||
bb_error_msg("system does not support %s",
|
bb_error_msg("system does not support RLIMIT_%s",
|
||||||
"RLIMIT_VMEM");
|
"VMEM");
|
||||||
#endif
|
#endif
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
@ -202,8 +231,8 @@ static void slimit(void)
|
|||||||
limit(RLIMIT_OFILE, limito);
|
limit(RLIMIT_OFILE, limito);
|
||||||
#else
|
#else
|
||||||
if (OPT_verbose)
|
if (OPT_verbose)
|
||||||
bb_error_msg("system does not support %s",
|
bb_error_msg("system does not support RLIMIT_%s",
|
||||||
"RLIMIT_NOFILE");
|
"NOFILE");
|
||||||
#endif
|
#endif
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
@ -211,53 +240,60 @@ static void slimit(void)
|
|||||||
#ifdef RLIMIT_NPROC
|
#ifdef RLIMIT_NPROC
|
||||||
limit(RLIMIT_NPROC, limitp);
|
limit(RLIMIT_NPROC, limitp);
|
||||||
#else
|
#else
|
||||||
if (OPT_verbose) bb_error_msg("system does not support %s",
|
if (OPT_verbose)
|
||||||
"RLIMIT_NPROC");
|
bb_error_msg("system does not support RLIMIT_%s",
|
||||||
|
"NPROC");
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
if (limitf >= -1) {
|
if (limitf >= -1) {
|
||||||
#ifdef RLIMIT_FSIZE
|
#ifdef RLIMIT_FSIZE
|
||||||
limit(RLIMIT_FSIZE, limitf);
|
limit(RLIMIT_FSIZE, limitf);
|
||||||
#else
|
#else
|
||||||
if (OPT_verbose) bb_error_msg("system does not support %s",
|
if (OPT_verbose)
|
||||||
"RLIMIT_FSIZE");
|
bb_error_msg("system does not support RLIMIT_%s",
|
||||||
|
"FSIZE");
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
if (limitc >= -1) {
|
if (limitc >= -1) {
|
||||||
#ifdef RLIMIT_CORE
|
#ifdef RLIMIT_CORE
|
||||||
limit(RLIMIT_CORE, limitc);
|
limit(RLIMIT_CORE, limitc);
|
||||||
#else
|
#else
|
||||||
if (OPT_verbose) bb_error_msg("system does not support %s",
|
if (OPT_verbose)
|
||||||
"RLIMIT_CORE");
|
bb_error_msg("system does not support RLIMIT_%s",
|
||||||
|
"CORE");
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
if (limitr >= -1) {
|
if (limitr >= -1) {
|
||||||
#ifdef RLIMIT_RSS
|
#ifdef RLIMIT_RSS
|
||||||
limit(RLIMIT_RSS, limitr);
|
limit(RLIMIT_RSS, limitr);
|
||||||
#else
|
#else
|
||||||
if (OPT_verbose) bb_error_msg("system does not support %s",
|
if (OPT_verbose)
|
||||||
"RLIMIT_RSS");
|
bb_error_msg("system does not support RLIMIT_%s",
|
||||||
|
"RSS");
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
if (limitt >= -1) {
|
if (limitt >= -1) {
|
||||||
#ifdef RLIMIT_CPU
|
#ifdef RLIMIT_CPU
|
||||||
limit(RLIMIT_CPU, limitt);
|
limit(RLIMIT_CPU, limitt);
|
||||||
#else
|
#else
|
||||||
if (OPT_verbose) bb_error_msg("system does not support %s",
|
if (OPT_verbose)
|
||||||
"RLIMIT_CPU");
|
bb_error_msg("system does not support RLIMIT_%s",
|
||||||
|
"CPU");
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/* argv[0] */
|
/* argv[0] */
|
||||||
static void setuidgid(int, char **);
|
static void setuidgid(int, char **) ATTRIBUTE_NORETURN;
|
||||||
static void envuidgid(int, char **);
|
static void envuidgid(int, char **) ATTRIBUTE_NORETURN;
|
||||||
static void envdir(int, char **);
|
static void envdir(int, char **) ATTRIBUTE_NORETURN;
|
||||||
static void softlimit(int, char **);
|
static void softlimit(int, char **) ATTRIBUTE_NORETURN;
|
||||||
|
|
||||||
int chpst_main(int argc, char **argv);
|
int chpst_main(int argc, char **argv);
|
||||||
int chpst_main(int argc, char **argv)
|
int chpst_main(int argc, char **argv)
|
||||||
{
|
{
|
||||||
|
INIT_G();
|
||||||
|
|
||||||
if (applet_name[3] == 'd') envdir(argc, argv);
|
if (applet_name[3] == 'd') envdir(argc, argv);
|
||||||
if (applet_name[1] == 'o') softlimit(argc, argv);
|
if (applet_name[1] == 'o') softlimit(argc, argv);
|
||||||
if (applet_name[0] == 's') setuidgid(argc, argv);
|
if (applet_name[0] == 's') setuidgid(argc, argv);
|
||||||
|
Loading…
x
Reference in New Issue
Block a user