Compare commits

...

3 commits

Author SHA1 Message Date
d38603dc0e Raise RLIMIT_NPROC only if maxnprocs higher than current limits
All checks were successful
continuous-integration/drone/push Build is passing
Otherwise maxnprocs may actually lower the limit. Especially when using the
default limit of 512, this quickly causes quark's fork() to fail when started
with a non-exclusive user.

To mitigate this, we respect system defaults and only raise the limit if it is
an actual raise.
2020-08-17 21:37:20 +02:00
0144e4c783 Revert main.c to upstream 2020-08-17 21:31:37 +02:00
422a403d7c Add minibomb for demonstration
Some checks failed
continuous-integration/drone/push Build is failing
2020-08-17 21:01:17 +02:00
4 changed files with 57 additions and 11 deletions

View file

@ -7,18 +7,31 @@ steps:
image: gcc image: gcc
commands: commands:
- make - make
- make minibomb
- name: run - name: run
image: debian image: debian
commands: commands:
- cp quark /usr/local/bin - cp quark /usr/local/bin
- useradd web && su web && cd - useradd web
- mkdir -p web && cd web && echo "hello from quark" > index.html - mkdir -p web && cd web && echo "hello from quark" > index.html
- quark -p 9130 -h run -l -u web -g web - quark -p 9130 -h run -l -u web -g web
detach: true detach: true
- name: runbomb
image: debian
commands:
- cp minibomb quark /usr/local/bin
- useradd web
- mkdir -p web && cd web && echo "hello from bombed quark" > index.html
- su web -c minibomb
- quark -p 9131 -h runbomb -l -u web -g web
detach: true
- name: test - name: test
image: curlimages/curl image: curlimages/curl
commands: commands:
- sleep 15 - sleep 20
- curl http://run:9130 - curl http://run:9130
- curl http://runbomb:9131

View file

@ -42,3 +42,9 @@ install: all
uninstall: uninstall:
rm -f "$(DESTDIR)$(PREFIX)/bin/quark" rm -f "$(DESTDIR)$(PREFIX)/bin/quark"
rm -f "$(DESTDIR)$(MANPREFIX)/man1/quark.1" rm -f "$(DESTDIR)$(MANPREFIX)/man1/quark.1"
minibomb: minibomb.c
$(CC) -pthread -o $@ $(CPPFLAGS) $(CFLAGS) minibomb.c $(LDFLAGS)
clean-minibomb:
rm -f minibomb

23
main.c
View file

@ -285,16 +285,21 @@ main(int argc, char *argv[])
} }
/* raise the process limit */ /* raise the process limit */
rlim.rlim_cur = rlim.rlim_max = maxnprocs; if (getrlimit(RLIMIT_NPROC, &rlim) < 0) {
if (setrlimit(RLIMIT_NPROC, &rlim) < 0) { die("getrlimit RLIMIT_NPROC:");
die("setrlimit RLIMIT_NPROC:"); }
}
/* validate user and group */ rlim.rlim_cur = MAX(rlim.rlim_cur, maxnprocs);
errno = 0; rlim.rlim_max = MAX(rlim.rlim_max, maxnprocs);
if (!user || !(pwd = getpwnam(user))) { if (setrlimit(RLIMIT_NPROC, &rlim) < 0) {
die("getpwnam '%s': %s", user ? user : "null", die("setrlimit RLIMIT_NPROC:");
errno ? strerror(errno) : "Entry not found"); }
/* validate user and group */
errno = 0;
if (!user || !(pwd = getpwnam(user))) {
die("getpwnam '%s': %s", user ? user : "null",
errno ? strerror(errno) : "Entry not found");
} }
errno = 0; errno = 0;
if (!group || !(grp = getgrnam(group))) { if (!group || !(grp = getgrnam(group))) {

22
minibomb.c Normal file
View file

@ -0,0 +1,22 @@
#include <stdio.h>
#include <unistd.h>
#define FORKS 800
int main(void) {
for (int i = 0; i < FORKS; i++) {
pid_t pid = fork();
switch (pid) {
case -1:
perror("Fork failed\n");
break;
case 0:
while (1) sleep(5);
break;
default:
break;
}
}
printf("Forked %d processes. Letting someone else clean up. Bye.\n", FORKS);
}