mir/apparmor
2
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-08-31 14:25:52 +00:00
Code Issues Releases Wiki Activity

let a profile control a tasks rlimits

Browse Source
This commit is contained in:
John Johansen
2008-04-06 18:55:46 +00:00
parent 34f2c96700
commit ecf6b55baf
5 changed files with 211 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
parser/parser_misc.c
View File

@@ -69,6 +69,28 @@ static struct keyword_table keyword_table[] = {
{"deny", TOK_DENY},
{"profile", TOK_PROFILE},
{"set", TOK_SET},
{"rlimit", TOK_RLIMIT},
/* terminate */
{NULL, 0}
};
static struct keyword_table rlimit_table[] = {
{"cpu", RLIMIT_CPU},
{"fsize", RLIMIT_FSIZE},
{"data", RLIMIT_DATA},
{"stack", RLIMIT_STACK},
{"core", RLIMIT_CORE},
{"rss", RLIMIT_RSS},
{"nofile", RLIMIT_NOFILE},
{"ofile", RLIMIT_OFILE},
{"as", RLIMIT_AS},
{"nproc", RLIMIT_NPROC},
{"memlock", RLIMIT_MEMLOCK},
{"locks", RLIMIT_LOCKS},
{"sigpending", RLIMIT_SIGPENDING},
{"msgqueue", RLIMIT_MSGQUEUE},
{"nice", RLIMIT_NICE},
{"rtprio", RLIMIT_RTPRIO},
/* terminate */
{NULL, 0}
};
@@ -109,6 +131,11 @@ int name_to_capability(const char *keyword)
return get_table_token("capability", capability_table, keyword);
}
int get_rlimit(const char *name)
{
return get_table_token("rlimit", rlimit_table, name);
}
static struct keyword_table address_family[] = {
/* {"unix", AF_UNIX},
{"local", AF_LOCAL}, */