4ec4974de3
PR: ports/146789 Submitted by: Sunpoet Po-Chuan Hsieh <sunpoet@sunpoet.net> With Hat: apache@
49 lines
1.6 KiB
Text
49 lines
1.6 KiB
Text
# http://www.chrishardie.com/tech/apache/suexec_rsrclimit.html
|
|
--- support/suexec.c.orig Wed Jul 12 07:38:44 2006
|
|
+++ support/suexec.c Wed Nov 15 23:58:04 2006
|
|
@@ -37,6 +37,7 @@
|
|
#include <sys/param.h>
|
|
#include <sys/stat.h>
|
|
#include <sys/types.h>
|
|
+#include <login_cap.h>
|
|
#include <string.h>
|
|
#include <time.h>
|
|
#if APR_HAVE_UNISTD_H
|
|
@@ -259,6 +260,7 @@
|
|
char *cmd; /* command to be executed */
|
|
char cwd[AP_MAXPATH]; /* current working directory */
|
|
char dwd[AP_MAXPATH]; /* docroot working directory */
|
|
+ login_cap_t *lc; /* user resource limits */
|
|
struct passwd *pw; /* password entry holder */
|
|
struct group *gr; /* group entry holder */
|
|
struct stat dir_info; /* directory info holder */
|
|
@@ -463,6 +465,18 @@
|
|
log_err("cannot run as forbidden gid (%d/%s)\n", gid, cmd);
|
|
exit(108);
|
|
}
|
|
+
|
|
+ /*
|
|
+ * Apply user resource limits based on login class.
|
|
+ */
|
|
+ if ((lc = login_getclassbyname(pw->pw_class, pw)) == NULL) {
|
|
+ log_err("failed to login_getclassbyname()\n");
|
|
+ exit(109);
|
|
+ }
|
|
+ if ((setusercontext(lc, pw, uid, LOGIN_SETRESOURCES)) != 0) {
|
|
+ log_err("failed to setusercontext()\n");
|
|
+ exit(109);
|
|
+ }
|
|
|
|
/*
|
|
* Change UID/GID here so that the following tests work over NFS.
|
|
--- support/Makefile.in.orig Thu Nov 16 02:20:47 2006
|
|
+++ support/Makefile.in Thu Nov 16 02:11:29 2006
|
|
@@ -65,7 +65,7 @@
|
|
|
|
suexec_OBJECTS = suexec.lo
|
|
suexec: $(suexec_OBJECTS)
|
|
- $(LINK) $(suexec_OBJECTS)
|
|
+ $(LINK) -lutil $(suexec_OBJECTS)
|
|
|
|
htcacheclean_OBJECTS = htcacheclean.lo
|
|
htcacheclean: $(htcacheclean_OBJECTS)
|