From: Zbigniew Jędrzejewski-Szmek Date: Thu, 6 Dec 2018 16:19:21 +0000 (+0100) Subject: Merge pull request #10935 from poettering/rlimit-nofile-safe X-Git-Tag: v240~125 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=871fa294ff38b7fc0df7ddc2b03ec781d9f0cb8a;p=thirdparty%2Fsystemd.git Merge pull request #10935 from poettering/rlimit-nofile-safe Merged by hand to resolve a trivial conflict in TODO. --- 871fa294ff38b7fc0df7ddc2b03ec781d9f0cb8a diff --cc TODO index 41ad24d3bbd,f5c5d6cc222..3a4eac4b2c0 --- a/TODO +++ b/TODO @@@ -23,12 -23,10 +23,16 @@@ Janitorial Clean-ups Features: +* when importing an fs tree with machined, optionally apply userns-rec-chown + +* when importing an fs tree with machined, complain if image is not an OS + +* when we fork off generators and such, lower LIMIT_NOFILE soft limit to 1K + + * Maybe introduce a helper safe_exec() or so, which is to execve() which + safe_fork() is to fork(). And then make revert the RLIMIT_NOFILE soft limit + to 1K implicitly, unless explicitly opted-out. + * rework seccomp/nnp logic that that even if User= is used in combination with a seccomp option we don't have to set NNP. For that, change uid first whil keeping CAP_SYS_ADMIN, then apply seccomp, the drop cap. diff --cc src/basic/meson.build index a59b8ac9286,4cd6911da9f..78e69feb4df --- a/src/basic/meson.build +++ b/src/basic/meson.build @@@ -149,8 -120,11 +149,10 @@@ basic_sources = files('' refcnt.h replace-var.c replace-var.h + rlimit-util.c + rlimit-util.h rm-rf.c rm-rf.h - securebits.h selinux-util.c selinux-util.h set.h
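Review bot: In the TODO hunk, the merged Features list now carries two entries for the same idea: "when we fork off generators and such, lower LIMIT_NOFILE soft limit to 1K" and the new "Maybe introduce a helper safe_exec() or so" item, which also brings the RLIMIT_NOFILE soft limit back to 1K around execve(). Suggest folding them into one entry, or dropping the first if the merged branch already covers it, and spelling the limit RLIMIT_NOFILE in both places. The new entry is also hard to parse as written ("which is to execve() which safe_fork() is to fork(). And then make revert the"); wording such as "which is to execve() what safe_fork() is to fork(), and make it revert the RLIMIT_NOFILE soft limit to 1K implicitly" would read more clearly.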
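Review bot: In the src/basic/meson.build hunk, the "- securebits.h" line deserves a second look, because the commit message describes only the TODO conflict as resolved by hand. The hunk header counts (8 lines in the first parent, 11 in the second, 10 in the result) are consistent with securebits.h already being absent from the first parent and still listed on the merged branch, so the resulting list of rlimit-util.c, rlimit-util.h, rm-rf.c, rm-rf.h looks right. It is still worth confirming that no file brought in by the branch includes that header, since the build would only fail later at compile time.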