Commit 572a2e44 authored by Pontus Freyhult's avatar Pontus Freyhult

Check for and use setrlimit (do ulimit -n unlimited) if available.

Rev: ChangeLog:1.551
Rev: NEWS:1.103
Rev: configure.ac:1.19
Rev: src/lshd.c:1.145
parent d0cb7359
This diff is collapsed.
News for the 1.x.y release
lshd now does the equivalence of ulimit -n unlimited, this is
inherited by processes started upon client requests. If you
don't want this, you should use /etc/{profile,login,whatever}
to set limits for your users. Do note that PAM-based solutions
will NOT work as PAM is used from a separate process that
terminates as soon as the authentication is finished (this of
course goes for environment variables too).
News for the 1.5 release
Implemented the server side of X11 forwarding. Try lshd
......@@ -63,7 +73,7 @@ News for the 1.4 release
lshd now sets SSH_CLIENT and SSH_TTY (if appropiate).
TCP-wrapper support contributed by Pontus Sköld, pass
TCP-wrapper support contributed by Pontus Sköld, pass
--with-tcpwrappers to configure to enable.
Display more information about unknown keys, including
......@@ -107,7 +117,7 @@ News for the 1.3.7 release
before exec:ing the shell.
Helper program to let the server use PAM passwords.
Contributed by Pontus Sköld.
Contributed by Pontus Sköld.
New option --server to lsh-keygen and lsh-writekey. It makes
the programs use the system seed-file, and also changes
......@@ -127,7 +137,7 @@ News for the 1.3.7 release
sftp on the server. Appeared already in 1.3.6, but wasn't
mentioned in NEWS.
Pontus Sköld's file transfer client lsftp is included in the
Pontus Sköld's file transfer client lsftp is included in the
distribution.
News for the 1.3.6 release
......@@ -555,7 +565,7 @@ News for the lsh-0.1.18 release
lsh now reads ACL:s from the ~/.lsh/known_hosts file.
First attempt at a m4-based testsuite. It depends on m4 being
able to handle the eight-bit quote characters » and «. If your
able to handle the eight-bit quote characters » and «. If your
m4 doesn't do that, get the latest beta of GNU m4 or recompile
GNU m4-1.4 with CFLAGS=-funsigned-char.
......@@ -798,7 +808,7 @@ TASKLIST and NOTES files now included in the snapshot.
NEWS since the 1998-12-17 snapshot:
Support for md5 (by Balázs Scheidler).
Support for md5 (by Balázs Scheidler).
Various bugfixes.
......@@ -815,4 +825,4 @@ together (crypto_cascade()).
Some untested support for blowfish and 3DES. A -c command line option
is needed.
A few bugfixes. Thanks to J.H.M. Dassen (Ray) and Balázs Scheidler.
A few bugfixes. Thanks to J.H.M. Dassen (Ray) and Balázs Scheidler.
......@@ -303,6 +303,7 @@ AC_CHECK_HEADERS(pty.h)
AC_CHECK_HEADERS(stropts.h)
AC_CHECK_HEADERS(syslog.h)
AC_CHECK_HEADERS(argp.h)
AC_CHECK_HEADERS(sys/resource.h)
AC_CHECK_HEADERS(utmp.h, [have_utmp_h=yes], [have_utmp_h=no])
AC_CHECK_HEADERS(utmpx.h, [have_utmpx_h=yes], [have_utmpx_h=no])
......@@ -528,6 +529,7 @@ AC_CHECK_FUNCS(openpty)
AC_CHECK_FUNCS(cfmakeraw)
AC_CHECK_FUNCS(logwtmp login logout pututline pututxline updwtmp updwtmpx)
AC_CHECK_FUNCS(getaddrinfo getnameinfo gai_strerror)
AC_CHECK_FUNCS(setrlimit)
AC_FUNC_GETPGRP
AC_CHECK_FUNCS(syslog)
AC_REPLACE_FUNCS(memxor)
......
......@@ -6,7 +6,7 @@
/* lsh, an implementation of the ssh protocol
*
* Copyright (C) 1998 Niels Mller
* Copyright (C) 1998 Niels Mller
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License as
......@@ -85,6 +85,12 @@ struct command_2 close_on_sighup;
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#if TIME_WITH_SYS_TIME && HAVE_SYS_TIME_H
#include <sys/time.h>
#endif
#if HAVE_SYS_RESOURCE_H
#include <sys/resource.h>
#endif
#if HAVE_UNISTD_H
#include <unistd.h>
#endif
......@@ -925,6 +931,17 @@ main(int argc, char **argv)
{
struct lshd_options *options;
#if HAVE_SETRLIMIT && HAVE_SYS_RESOURCE_H
/* Try to increase max number of open files, ignore any error */
struct rlimit r;
r.rlim_max = RLIM_INFINITY;
r.rlim_cur = RLIM_INFINITY;
setrlimit(RLIMIT_NOFILE, &r);
#endif
io_init();
/* For filtering messages. Could perhaps also be used when converting
......@@ -934,6 +951,7 @@ main(int argc, char **argv)
/* FIXME: Choose character set depending on the locale */
set_local_charset(CHARSET_LATIN1);
options = make_lshd_options();
if (!options)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment