| [vhffs-dev] [1660] ported suPHP patchs to suPHP 0.7.1 (Squeeze) |
[ Thread Index |
Date Index
| More vhffs.org/vhffs-dev Archives
]
Revision: 1660
Author: gradator
Date: 2011-04-17 13:43:07 +0200 (Sun, 17 Apr 2011)
Log Message:
-----------
ported suPHP patchs to suPHP 0.7.1 (Squeeze)
Added Paths:
-----------
trunk/vhffs-packages/patches/suphp/10_TuxFamily-suphp-0.7.1-1-directorygroupcheck.dpatch
trunk/vhffs-packages/patches/suphp/11_TuxFamily-suphp-0.7.1-1-limits.dpatch
trunk/vhffs-packages/patches/suphp/12_TuxFamily-suphp-0.7.1-1-add-targetmode-execute.dpatch
Removed Paths:
-------------
trunk/vhffs-packages/patches/suphp/10_TuxFamily-suphp-0.6.2-3-directorygroupcheck.dpatch
trunk/vhffs-packages/patches/suphp/11_TuxFamily-suphp-0.6.2-3-limits.dpatch
trunk/vhffs-packages/patches/suphp/12_TuxFamily-suphp-0.6.2-3-add-targetmode-execute.dpatch
Deleted: trunk/vhffs-packages/patches/suphp/10_TuxFamily-suphp-0.6.2-3-directorygroupcheck.dpatch
===================================================================
--- trunk/vhffs-packages/patches/suphp/10_TuxFamily-suphp-0.6.2-3-directorygroupcheck.dpatch 2011-04-17 00:01:42 UTC (rev 1659)
+++ trunk/vhffs-packages/patches/suphp/10_TuxFamily-suphp-0.6.2-3-directorygroupcheck.dpatch 2011-04-17 11:43:07 UTC (rev 1660)
@@ -1,59 +0,0 @@
-#! /bin/sh /usr/share/dpatch/dpatch-run
-## 10_TuxFamily-suphp-0.6.2-3-directorygroupcheck.patch
-##
-## All lines beginning with `## DP:' are a description of the patch.
-## DP: TuxFamily patch to relax the directory check on group instead of user
-
-@DPATCH@
-diff -Nru a/src/Application.cpp b/src/Application.cpp
---- a/src/Application.cpp 2008-04-18 22:40:00.000000000 +0000
-+++ b/src/Application.cpp 2008-04-18 22:40:35.000000000 +0000
-@@ -361,8 +361,8 @@
- #endif // OPT_USERGROUP_PARANOID
-
- // Check directory ownership and permissions
-- checkParentDirectories(realScriptFile, targetUser, config);
-- checkParentDirectories(scriptFile, targetUser, config);
-+ checkParentDirectories(realScriptFile, targetUser, targetGroup, config);
-+ checkParentDirectories(scriptFile, targetUser, targetGroup, config);
-
- // Common code used for all modes
-
-@@ -559,17 +559,20 @@
-
-
- void suPHP::Application::checkParentDirectories(const File& file,
-- const UserInfo& owner,
-+ const UserInfo& user,
-+ const GroupInfo& group,
- const Configuration& config) const throw (SoftException) {
- File directory = file;
- Logger& logger = API_Helper::getSystemAPI().getSystemLogger();
- do {
- directory = directory.getParentDirectory();
-
-- UserInfo directoryOwner = directory.getUser();
-- if (directoryOwner != owner && !directoryOwner.isSuperUser()) {
-+
-+ UserInfo directoryUser = directory.getUser();
-+ GroupInfo directoryGroup = directory.getGroup();
-+ if (directoryGroup != group && !directoryUser.isSuperUser()) {
- std::string error = "Directory " + directory.getPath()
-- + " is not owned by " + owner.getUsername();
-+ + " is not owned by group " + group.getGroupname();
- logger.logWarning(error);
- throw SoftException(error, __FILE__, __LINE__);
- }
-diff -Nru a/src/Application.hpp b/src/Application.hpp
---- a/src/Application.hpp 2008-04-18 22:39:24.000000000 +0000
-+++ b/src/Application.hpp 2008-04-18 22:40:13.000000000 +0000
-@@ -112,7 +112,8 @@
- * Checks ownership and permissions for parent directories
- */
- void checkParentDirectories(const File& file,
-- const UserInfo& owner,
-+ const UserInfo& user,
-+ const GroupInfo& group,
- const Configuration& config) const
- throw (SoftException);
-
Added: trunk/vhffs-packages/patches/suphp/10_TuxFamily-suphp-0.7.1-1-directorygroupcheck.dpatch
===================================================================
--- trunk/vhffs-packages/patches/suphp/10_TuxFamily-suphp-0.7.1-1-directorygroupcheck.dpatch (rev 0)
+++ trunk/vhffs-packages/patches/suphp/10_TuxFamily-suphp-0.7.1-1-directorygroupcheck.dpatch 2011-04-17 11:43:07 UTC (rev 1660)
@@ -0,0 +1,59 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 10_TuxFamily-suphp-0.7.1-1-directorygroupcheck.dpatch
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: TuxFamily patch to relax the parent directory check on group instead
+## of user
+
+@DPATCH@
+diff -Nru a/src/Application.cpp b/src/Application.cpp
+--- a/src/Application.cpp 2009-08-03 14:38:38.000000000 +0000
++++ b/src/Application.cpp 2011-04-17 10:12:01.000000000 +0000
+@@ -314,8 +314,8 @@
+ }
+
+ // Check directory ownership and permissions
+- checkParentDirectories(realScriptFile, targetUser, config);
+- checkParentDirectories(scriptFile, targetUser, config);
++ checkParentDirectories(realScriptFile, targetUser, targetGroup, config);
++ checkParentDirectories(scriptFile, targetUser, targetGroup, config);
+ }
+
+ void suPHP::Application::checkProcessPermissions(
+@@ -540,17 +540,19 @@
+
+
+ void suPHP::Application::checkParentDirectories(const File& file,
+- const UserInfo& owner,
++ const UserInfo& user,
++ const GroupInfo& group,
+ const Configuration& config) const throw (SoftException) {
+ File directory = file;
+ Logger& logger = API_Helper::getSystemAPI().getSystemLogger();
+ do {
+ directory = directory.getParentDirectory();
+
+- UserInfo directoryOwner = directory.getUser();
+- if (directoryOwner != owner && !directoryOwner.isSuperUser()) {
++ UserInfo directoryUser = directory.getUser();
++ GroupInfo directoryGroup = directory.getGroup();
++ if (directoryGroup != group && !directoryUser.isSuperUser()) {
+ std::string error = "Directory " + directory.getPath()
+- + " is not owned by " + owner.getUsername();
++ + " is not owned by group " + group.getGroupname();
+ logger.logWarning(error);
+ throw SoftException(error, __FILE__, __LINE__);
+ }
+diff -Nru a/src/Application.hpp b/src/Application.hpp
+--- a/src/Application.hpp 2009-08-03 14:38:38.000000000 +0000
++++ b/src/Application.hpp 2011-04-17 10:13:22.000000000 +0000
+@@ -136,7 +136,8 @@
+ * Checks ownership and permissions for parent directories
+ */
+ void checkParentDirectories(const File& file,
+- const UserInfo& owner,
++ const UserInfo& user,
++ const GroupInfo& group,
+ const Configuration& config) const
+ throw (SoftException);
+
Deleted: trunk/vhffs-packages/patches/suphp/11_TuxFamily-suphp-0.6.2-3-limits.dpatch
===================================================================
--- trunk/vhffs-packages/patches/suphp/11_TuxFamily-suphp-0.6.2-3-limits.dpatch 2011-04-17 00:01:42 UTC (rev 1659)
+++ trunk/vhffs-packages/patches/suphp/11_TuxFamily-suphp-0.6.2-3-limits.dpatch 2011-04-17 11:43:07 UTC (rev 1660)
@@ -1,514 +0,0 @@
-#! /bin/sh /usr/share/dpatch/dpatch-run
-## 11_TuxFamily-suphp-0.6.2-3-limits.patch
-##
-## All lines beginning with `## DP:' are a description of the patch.
-## DP: TuxFamily patch to add support for setrlimit(2)
-
-@DPATCH@
-diff -Nru ./doc/suphp.conf-example ./doc/suphp.conf-example
---- ./doc/suphp.conf-example 2005-11-26 19:29:02.000000000 +0000
-+++ ./doc/suphp.conf-example 2008-04-18 09:40:25.000000000 +0000
-@@ -39,6 +39,66 @@
- min_gid=100
-
-
-+[limits]
-+
-+;The maximum size of the process's virtual memory (address space) in Kbytes
-+as_soft=65536
-+as_hard=65536
-+
-+;Maximum size of core file in Kbytes
-+core_soft=0
-+core_hard=0
-+
-+;CPU time limit in seconds
-+cpu_soft=32
-+cpu_hard=32
-+
-+;The maximum size of the process's data segment in Kbytes
-+data_soft=32768
-+data_hard=32768
-+
-+;The maximum size of files that the process may create
-+fsize_soft=unlimited
-+fsize_hard=unlimited
-+
-+;A limit on the combined number of flock(2) locks and fcntl(2) leases that this process may establish
-+locks_soft=512
-+locks_hard=512
-+
-+;The maximum number of Kbytes of memory that may be locked into RAM
-+memlock_soft=0
-+memlock_hard=0
-+
-+;Specifies the limit on the number of Kbytes that can be allocated for POSIX message queues for the real user ID of the calling process
-+msgqueue_soft=800
-+msgqueue_hard=800
-+
-+;Specifies a ceiling to which the process's nice value can be raised using setpriority(2) or nice(2)
-+;The actual ceiling for the nice value is calculated as 20 - rlim_cur
-+nice_soft=0
-+nice_hard=0
-+
-+;Specifies a value one greater than the maximum file descriptor number that can be opened by this process
-+nofile_soft=512
-+nofile_hard=512
-+
-+;The maximum number of processes (or, more precisely on Linux, threads) that can be created for the real user ID of the calling process
-+nproc_soft=10
-+nproc_hard=10
-+
-+;Specifies a ceiling on the real-time priority that may be set for this process using sched_setscheduler(2) and sched_setparam(2)
-+rtprio_soft=0
-+rtprio_hard=0
-+
-+;Specifies the limit on the number of signals that may be queued for the real user ID of the calling process
-+sigpending_soft=1024
-+sigpending_hard=1024
-+
-+;The maximum size of the process stack, in Kbytes
-+stack_soft=4096
-+stack_hard=4096
-+
-+
- [handlers]
- ;Handler for php-scripts
- x-httpd-php=php:/usr/bin/php
-diff -Nru ./src/Application.cpp ./src/Application.cpp
---- ./src/Application.cpp 2008-04-18 09:31:15.000000000 +0000
-+++ ./src/Application.cpp 2008-04-18 09:30:45.000000000 +0000
-@@ -366,6 +366,83 @@
-
- // Common code used for all modes
-
-+ // BEGIN -- TuxFamily limits patch
-+ // Change limits
-+ struct rlimit rl;
-+#ifdef RLIMIT_AS
-+ rl = config.getLimitAS();
-+ if(rl.rlim_cur != SUPHP_LIMIT_UNDEFINED && rl.rlim_max != SUPHP_LIMIT_UNDEFINED)
-+ setrlimit(RLIMIT_AS, &rl);
-+#endif
-+#ifdef RLIMIT_CORE
-+ rl = config.getLimitCore();
-+ if(rl.rlim_cur != SUPHP_LIMIT_UNDEFINED && rl.rlim_max != SUPHP_LIMIT_UNDEFINED)
-+ setrlimit(RLIMIT_CORE, &rl);
-+#endif
-+#ifdef RLIMIT_CPU
-+ rl = config.getLimitCPU();
-+ if(rl.rlim_cur != SUPHP_LIMIT_UNDEFINED && rl.rlim_max != SUPHP_LIMIT_UNDEFINED)
-+ setrlimit(RLIMIT_CPU, &rl);
-+#endif
-+#ifdef RLIMIT_DATA
-+ rl = config.getLimitData();
-+ if(rl.rlim_cur != SUPHP_LIMIT_UNDEFINED && rl.rlim_max != SUPHP_LIMIT_UNDEFINED)
-+ setrlimit(RLIMIT_DATA, &rl);
-+#endif
-+#ifdef RLIMIT_FSIZE
-+ rl = config.getLimitFSize();
-+ if(rl.rlim_cur != SUPHP_LIMIT_UNDEFINED && rl.rlim_max != SUPHP_LIMIT_UNDEFINED)
-+ setrlimit(RLIMIT_FSIZE, &rl);
-+#endif
-+#ifdef RLIMIT_LOCKS
-+ rl = config.getLimitLocks();
-+ if(rl.rlim_cur != SUPHP_LIMIT_UNDEFINED && rl.rlim_max != SUPHP_LIMIT_UNDEFINED)
-+ setrlimit(RLIMIT_LOCKS, &rl);
-+#endif
-+#ifdef RLIMIT_MEMLOCK
-+ rl = config.getLimitMemLock();
-+ if(rl.rlim_cur != SUPHP_LIMIT_UNDEFINED && rl.rlim_max != SUPHP_LIMIT_UNDEFINED)
-+ setrlimit(RLIMIT_MEMLOCK, &rl);
-+#endif
-+#ifdef RLIMIT_MSGQUEUE
-+ rl = config.getLimitMsgQueue();
-+ if(rl.rlim_cur != SUPHP_LIMIT_UNDEFINED && rl.rlim_max != SUPHP_LIMIT_UNDEFINED)
-+ setrlimit(RLIMIT_MSGQUEUE, &rl);
-+#endif
-+#ifdef RLIMIT_NICE
-+ rl = config.getLimitNice();
-+ if(rl.rlim_cur != SUPHP_LIMIT_UNDEFINED && rl.rlim_max != SUPHP_LIMIT_UNDEFINED) {
-+ setrlimit(RLIMIT_NICE, &rl);
-+ nice(rl.rlim_cur);
-+ }
-+#endif
-+#ifdef RLIMIT_NOFILE
-+ rl = config.getLimitNoFile();
-+ if(rl.rlim_cur != SUPHP_LIMIT_UNDEFINED && rl.rlim_max != SUPHP_LIMIT_UNDEFINED)
-+ setrlimit(RLIMIT_NOFILE, &rl);
-+#endif
-+#ifdef RLIMIT_NPROC
-+ rl = config.getLimitNProc();
-+ if(rl.rlim_cur != SUPHP_LIMIT_UNDEFINED && rl.rlim_max != SUPHP_LIMIT_UNDEFINED)
-+ setrlimit(RLIMIT_NPROC, &rl);
-+#endif
-+#ifdef RLIMIT_RTPRIO
-+ rl = config.getLimitRtPrio();
-+ if(rl.rlim_cur != SUPHP_LIMIT_UNDEFINED && rl.rlim_max != SUPHP_LIMIT_UNDEFINED)
-+ setrlimit(RLIMIT_RTPRIO, &rl);
-+#endif
-+#ifdef RLIMIT_SIGPENDING
-+ rl = config.getLimitSigPending();
-+ if(rl.rlim_cur != SUPHP_LIMIT_UNDEFINED && rl.rlim_max != SUPHP_LIMIT_UNDEFINED)
-+ setrlimit(RLIMIT_SIGPENDING, &rl);
-+#endif
-+#ifdef RLIMIT_STACK
-+ rl = config.getLimitStack();
-+ if(rl.rlim_cur != SUPHP_LIMIT_UNDEFINED && rl.rlim_max != SUPHP_LIMIT_UNDEFINED)
-+ setrlimit(RLIMIT_STACK, &rl);
-+#endif
-+ // END -- TuxFamily limits patch
-+
- // Set new group first, because we still need super-user privileges
- // for this
- api.setProcessGroup(targetGroup);
-diff -Nru ./src/Configuration.cpp ./src/Configuration.cpp
---- ./src/Configuration.cpp 2006-03-15 20:21:52.000000000 +0000
-+++ ./src/Configuration.cpp 2008-04-18 09:30:45.000000000 +0000
-@@ -20,6 +20,9 @@
-
- #include <string>
- #include <vector>
-+// BEGIN -- TuxFamily limits patch
-+#include <sstream>
-+// END -- TuxFamily limits patch
-
- #include "IniFile.hpp"
- #include "Util.hpp"
-@@ -65,6 +68,29 @@
- }
-
-
-+// BEGIN -- TuxFamily limits patch
-+rlim_t suPHP::Configuration::strToLimit(const std::string& bstr) {
-+
-+ std::string str = bstr;
-+ // Convert upper characters to lower characters
-+ for (int i=0; i<str.size(); i++) {
-+ if (str[i] >= 65 && str[i] <= 90)
-+ str[i] += 32;
-+ }
-+
-+ if (str == std::string("unlimited")) {
-+ return RLIM_INFINITY;
-+ } else {
-+ rlim_t lim = SUPHP_LIMIT_UNDEFINED;
-+ std::istringstream istr;
-+ istr.str(str);
-+ istr >> lim;
-+ return lim;
-+ }
-+}
-+// END -- TuxFamily limits patch
-+
-+
- LogLevel suPHP::Configuration::strToLogLevel(const std::string& str) const
- throw (ParsingException) {
- if (str == "none")
-@@ -112,6 +138,36 @@
- #endif
- this->umask = 0077;
- this->chroot_path = "";
-+ // BEGIN -- TuxFamily limits patch
-+ this->limit_as.rlim_cur = SUPHP_LIMIT_UNDEFINED;
-+ this->limit_as.rlim_max = SUPHP_LIMIT_UNDEFINED;
-+ this->limit_core.rlim_cur = SUPHP_LIMIT_UNDEFINED;
-+ this->limit_core.rlim_max = SUPHP_LIMIT_UNDEFINED;
-+ this->limit_cpu.rlim_cur = SUPHP_LIMIT_UNDEFINED;
-+ this->limit_cpu.rlim_max = SUPHP_LIMIT_UNDEFINED;
-+ this->limit_data.rlim_cur = SUPHP_LIMIT_UNDEFINED;
-+ this->limit_data.rlim_max = SUPHP_LIMIT_UNDEFINED;
-+ this->limit_fsize.rlim_cur = SUPHP_LIMIT_UNDEFINED;
-+ this->limit_fsize.rlim_max = SUPHP_LIMIT_UNDEFINED;
-+ this->limit_locks.rlim_cur = SUPHP_LIMIT_UNDEFINED;
-+ this->limit_locks.rlim_max = SUPHP_LIMIT_UNDEFINED;
-+ this->limit_memlock.rlim_cur = SUPHP_LIMIT_UNDEFINED;
-+ this->limit_memlock.rlim_max = SUPHP_LIMIT_UNDEFINED;
-+ this->limit_msgqueue.rlim_cur = SUPHP_LIMIT_UNDEFINED;
-+ this->limit_msgqueue.rlim_max = SUPHP_LIMIT_UNDEFINED;
-+ this->limit_nice.rlim_cur = SUPHP_LIMIT_UNDEFINED;
-+ this->limit_nice.rlim_max = SUPHP_LIMIT_UNDEFINED;
-+ this->limit_nofile.rlim_cur = SUPHP_LIMIT_UNDEFINED;
-+ this->limit_nofile.rlim_max = SUPHP_LIMIT_UNDEFINED;
-+ this->limit_nproc.rlim_cur = SUPHP_LIMIT_UNDEFINED;
-+ this->limit_nproc.rlim_max = SUPHP_LIMIT_UNDEFINED;
-+ this->limit_rtprio.rlim_cur = SUPHP_LIMIT_UNDEFINED;
-+ this->limit_rtprio.rlim_max = SUPHP_LIMIT_UNDEFINED;
-+ this->limit_sigpending.rlim_cur = SUPHP_LIMIT_UNDEFINED;
-+ this->limit_sigpending.rlim_max = SUPHP_LIMIT_UNDEFINED;
-+ this->limit_stack.rlim_cur = SUPHP_LIMIT_UNDEFINED;
-+ this->limit_stack.rlim_max = SUPHP_LIMIT_UNDEFINED;
-+ // END -- TuxFamily limits patch
- }
-
- void suPHP::Configuration::readFromFile(File& file)
-@@ -178,7 +234,130 @@
- this->handlers.insert(p);
- }
- }
--
-+
-+ // BEGIN -- TuxFamily limits patch
-+ // Get limits
-+ if (ini.hasSection("limits")) {
-+ IniSection sect = ini.getSection("limits");
-+ std::vector<std::string> keys = sect.getKeys();
-+ std::vector<std::string>::iterator i;
-+ for (i = keys.begin(); i < keys.end(); i++) {
-+ std::string key = *i;
-+ std::string value = sect.getValue(key);
-+
-+ if (key == "as_soft") {
-+ this->limit_as.rlim_cur = this->strToLimit(value);
-+ if(this->limit_as.rlim_cur != RLIM_INFINITY)
-+ this->limit_as.rlim_cur <<= 10;
-+ }
-+ else if (key == "as_hard") {
-+ this->limit_as.rlim_max = this->strToLimit(value);
-+ if(this->limit_as.rlim_max != RLIM_INFINITY)
-+ this->limit_as.rlim_max <<= 10;
-+ }
-+
-+ else if (key == "core_soft") {
-+ this->limit_core.rlim_cur = this->strToLimit(value);
-+ if(this->limit_core.rlim_cur != RLIM_INFINITY)
-+ this->limit_core.rlim_cur <<= 10;
-+ }
-+ else if (key == "core_hard") {
-+ this->limit_core.rlim_max = this->strToLimit(value);
-+ if(this->limit_core.rlim_max != RLIM_INFINITY)
-+ this->limit_core.rlim_max <<= 10;
-+ }
-+
-+ else if (key == "cpu_soft")
-+ this->limit_cpu.rlim_cur = this->strToLimit(value);
-+ else if (key == "cpu_hard")
-+ this->limit_cpu.rlim_max = this->strToLimit(value);
-+
-+ else if (key == "data_soft") {
-+ this->limit_data.rlim_cur = this->strToLimit(value);
-+ if(this->limit_data.rlim_cur != RLIM_INFINITY)
-+ this->limit_data.rlim_cur <<= 10;
-+ }
-+ else if (key == "data_hard") {
-+ this->limit_data.rlim_max = this->strToLimit(value);
-+ if(this->limit_data.rlim_max != RLIM_INFINITY)
-+ this->limit_data.rlim_max <<= 10;
-+ }
-+
-+ else if (key == "fsize_soft")
-+ this->limit_fsize.rlim_cur = this->strToLimit(value);
-+ else if (key == "fsize_hard")
-+ this->limit_fsize.rlim_max = this->strToLimit(value);
-+
-+ else if (key == "locks_soft")
-+ this->limit_locks.rlim_cur = this->strToLimit(value);
-+ else if (key == "locks_hard")
-+ this->limit_locks.rlim_max = this->strToLimit(value);
-+
-+ else if (key == "memlock_soft") {
-+ this->limit_memlock.rlim_cur = this->strToLimit(value);
-+ if(this->limit_memlock.rlim_cur != RLIM_INFINITY)
-+ this->limit_memlock.rlim_cur <<= 10;
-+ }
-+ else if (key == "memlock_hard") {
-+ this->limit_memlock.rlim_max = this->strToLimit(value);
-+ if(this->limit_memlock.rlim_max != RLIM_INFINITY)
-+ this->limit_memlock.rlim_max <<= 10;
-+ }
-+
-+ else if (key == "msgqueue_soft") {
-+ this->limit_msgqueue.rlim_cur = this->strToLimit(value);
-+ if(this->limit_msgqueue.rlim_cur != RLIM_INFINITY)
-+ this->limit_msgqueue.rlim_cur <<= 10;
-+ }
-+ else if (key == "msgqueue_hard") {
-+ this->limit_msgqueue.rlim_max = this->strToLimit(value);
-+ if(this->limit_msgqueue.rlim_max != RLIM_INFINITY)
-+ this->limit_msgqueue.rlim_max <<= 10;
-+ }
-+
-+ else if (key == "nice_soft")
-+ this->limit_nice.rlim_cur = this->strToLimit(value);
-+ else if (key == "nice_hard")
-+ this->limit_nice.rlim_max = this->strToLimit(value);
-+
-+ else if (key == "nofile_soft")
-+ this->limit_nofile.rlim_cur = this->strToLimit(value);
-+ else if (key == "nofile_hard")
-+ this->limit_nofile.rlim_max = this->strToLimit(value);
-+
-+ else if (key == "nproc_soft")
-+ this->limit_nproc.rlim_cur = this->strToLimit(value);
-+ else if (key == "nproc_hard")
-+ this->limit_nproc.rlim_max = this->strToLimit(value);
-+
-+ else if (key == "rtprio_soft")
-+ this->limit_rtprio.rlim_cur = this->strToLimit(value);
-+ else if (key == "rtprio_hard")
-+ this->limit_rtprio.rlim_max = this->strToLimit(value);
-+
-+ else if (key == "sigpending_soft")
-+ this->limit_sigpending.rlim_cur = this->strToLimit(value);
-+ else if (key == "sigpending_hard")
-+ this->limit_sigpending.rlim_max = this->strToLimit(value);
-+
-+ else if (key == "stack_soft") {
-+ this->limit_stack.rlim_cur = this->strToLimit(value);
-+ if(this->limit_stack.rlim_cur != RLIM_INFINITY)
-+ this->limit_stack.rlim_cur <<= 10;
-+ }
-+ else if (key == "stack_hard") {
-+ this->limit_stack.rlim_max = this->strToLimit(value);
-+ if(this->limit_stack.rlim_max != RLIM_INFINITY)
-+ this->limit_stack.rlim_max <<= 10;
-+ }
-+
-+ else
-+ throw ParsingException("Unknown option \"" + key +
-+ "\" in section [global]",
-+ __FILE__, __LINE__);
-+ }
-+ }
-+ // END -- TuxFamily limits patch
- }
-
- std::string suPHP::Configuration::getLogfile() const {
-@@ -250,3 +429,61 @@
- std::string suPHP::Configuration::getChrootPath() const {
- return this->chroot_path;
- }
-+
-+// BEGIN -- TuxFamily limits patch
-+struct rlimit suPHP::Configuration::getLimitAS() const {
-+ return this->limit_as;
-+}
-+
-+struct rlimit suPHP::Configuration::getLimitCore() const {
-+ return this->limit_core;
-+}
-+
-+struct rlimit suPHP::Configuration::getLimitCPU() const {
-+ return this->limit_cpu;
-+}
-+
-+struct rlimit suPHP::Configuration::getLimitData() const {
-+ return this->limit_data;
-+}
-+
-+struct rlimit suPHP::Configuration::getLimitFSize() const {
-+ return this->limit_fsize;
-+}
-+
-+struct rlimit suPHP::Configuration::getLimitLocks() const {
-+ return this->limit_locks;
-+}
-+
-+struct rlimit suPHP::Configuration::getLimitMemLock() const {
-+ return this->limit_memlock;
-+}
-+
-+struct rlimit suPHP::Configuration::getLimitMsgQueue() const {
-+ return this->limit_msgqueue;
-+}
-+
-+struct rlimit suPHP::Configuration::getLimitNice() const {
-+ return this->limit_nice;
-+}
-+
-+struct rlimit suPHP::Configuration::getLimitNoFile() const {
-+ return this->limit_nofile;
-+}
-+
-+struct rlimit suPHP::Configuration::getLimitNProc() const {
-+ return this->limit_nproc;
-+}
-+
-+struct rlimit suPHP::Configuration::getLimitRtPrio() const {
-+ return this->limit_rtprio;
-+}
-+
-+struct rlimit suPHP::Configuration::getLimitSigPending() const {
-+ return this->limit_sigpending;
-+}
-+
-+struct rlimit suPHP::Configuration::getLimitStack() const {
-+ return this->limit_stack;
-+}
-+// END -- TuxFamily limits patch
-diff -Nru ./src/Configuration.hpp ./src/Configuration.hpp
---- ./src/Configuration.hpp 2005-11-26 19:29:02.000000000 +0000
-+++ ./src/Configuration.hpp 2008-04-18 09:30:45.000000000 +0000
-@@ -29,6 +29,11 @@
- #include <string>
- #include <map>
-
-+// BEGIN -- TuxFamily limits patch
-+#include <sys/resource.h>
-+#define SUPHP_LIMIT_UNDEFINED -34826
-+// END -- TuxFamily limits patch
-+
- #include "ParsingException.hpp"
- #include "IOException.hpp"
- #include "File.hpp"
-@@ -58,6 +63,23 @@
- int umask;
- std::string chroot_path;
-
-+ // BEGIN -- TuxFamily limits patch
-+ struct rlimit limit_as;
-+ struct rlimit limit_core;
-+ struct rlimit limit_cpu;
-+ struct rlimit limit_data;
-+ struct rlimit limit_fsize;
-+ struct rlimit limit_locks;
-+ struct rlimit limit_memlock;
-+ struct rlimit limit_msgqueue;
-+ struct rlimit limit_nice;
-+ struct rlimit limit_nofile;
-+ struct rlimit limit_nproc;
-+ struct rlimit limit_rtprio;
-+ struct rlimit limit_sigpending;
-+ struct rlimit limit_stack;
-+ // END -- TuxFamily limits patch
-+
- /**
- * Converts string to bool
- */
-@@ -69,6 +91,11 @@
- LogLevel strToLogLevel(const std::string& str) const
- throw (ParsingException);
-
-+ // BEGIN -- TuxFamily limits patch
-+ // Convert limit value to rlim_t
-+ rlim_t strToLimit(const std::string& bstr);
-+ // END -- TuxFamily limits patch
-+
- public:
- /**
- * Constructor, initializes configuration with default values.
-@@ -165,6 +192,24 @@
- * Return chroot path
- */
- std::string getChrootPath() const;
-+
-+ // BEGIN -- TuxFamily limits patch
-+ // Accessor methods to fetch limit values
-+ struct rlimit getLimitAS() const;
-+ struct rlimit getLimitCore() const;
-+ struct rlimit getLimitCPU() const;
-+ struct rlimit getLimitData() const;
-+ struct rlimit getLimitFSize() const;
-+ struct rlimit getLimitLocks() const;
-+ struct rlimit getLimitMemLock() const;
-+ struct rlimit getLimitMsgQueue() const;
-+ struct rlimit getLimitNice() const;
-+ struct rlimit getLimitNoFile() const;
-+ struct rlimit getLimitNProc() const;
-+ struct rlimit getLimitRtPrio() const;
-+ struct rlimit getLimitSigPending() const;
-+ struct rlimit getLimitStack() const;
-+ // END -- TuxFamily limits patch
- };
- };
-
Added: trunk/vhffs-packages/patches/suphp/11_TuxFamily-suphp-0.7.1-1-limits.dpatch
===================================================================
--- trunk/vhffs-packages/patches/suphp/11_TuxFamily-suphp-0.7.1-1-limits.dpatch (rev 0)
+++ trunk/vhffs-packages/patches/suphp/11_TuxFamily-suphp-0.7.1-1-limits.dpatch 2011-04-17 11:43:07 UTC (rev 1660)
@@ -0,0 +1,514 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 11_TuxFamily-suphp-0.7.1-1-limits.dpatch
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: TuxFamily patch to add support for setrlimit(2)
+
+@DPATCH@
+diff -Nru a/doc/suphp.conf-example b/doc/suphp.conf-example
+--- a/doc/suphp.conf-example 2009-08-03 14:38:38.000000000 +0000
++++ b/doc/suphp.conf-example 2011-04-17 10:15:55.000000000 +0000
+@@ -39,6 +39,66 @@
+ min_gid=100
+
+
++[limits]
++
++;The maximum size of the process's virtual memory (address space) in Kbytes
++as_soft=65536
++as_hard=65536
++
++;Maximum size of core file in Kbytes
++core_soft=0
++core_hard=0
++
++;CPU time limit in seconds
++cpu_soft=32
++cpu_hard=32
++
++;The maximum size of the process's data segment in Kbytes
++data_soft=32768
++data_hard=32768
++
++;The maximum size of files that the process may create
++fsize_soft=unlimited
++fsize_hard=unlimited
++
++;A limit on the combined number of flock(2) locks and fcntl(2) leases that this process may establish
++locks_soft=512
++locks_hard=512
++
++;The maximum number of Kbytes of memory that may be locked into RAM
++memlock_soft=0
++memlock_hard=0
++
++;Specifies the limit on the number of Kbytes that can be allocated for POSIX message queues for the real user ID of the calling process
++msgqueue_soft=800
++msgqueue_hard=800
++
++;Specifies a ceiling to which the process's nice value can be raised using setpriority(2) or nice(2)
++;The actual ceiling for the nice value is calculated as 20 - rlim_cur
++nice_soft=0
++nice_hard=0
++
++;Specifies a value one greater than the maximum file descriptor number that can be opened by this process
++nofile_soft=512
++nofile_hard=512
++
++;The maximum number of processes (or, more precisely on Linux, threads) that can be created for the real user ID of the calling process
++nproc_soft=10
++nproc_hard=10
++
++;Specifies a ceiling on the real-time priority that may be set for this process using sched_setscheduler(2) and sched_setparam(2)
++rtprio_soft=0
++rtprio_hard=0
++
++;Specifies the limit on the number of signals that may be queued for the real user ID of the calling process
++sigpending_soft=1024
++sigpending_hard=1024
++
++;The maximum size of the process stack, in Kbytes
++stack_soft=4096
++stack_hard=4096
++
++
+ [handlers]
+ ;Handler for php-scripts
+ x-httpd-php="php:/usr/bin/php"
+diff -Nru a/src/Application.cpp b/src/Application.cpp
+--- a/src/Application.cpp 2011-04-17 10:15:36.000000000 +0000
++++ b/src/Application.cpp 2011-04-17 10:15:55.000000000 +0000
+@@ -422,6 +422,83 @@
+ throw (SystemException, SoftException, SecurityException) {
+ API& api = API_Helper::getSystemAPI();
+
++ // BEGIN -- TuxFamily limits patch
++ // Change limits
++ struct rlimit rl;
++#ifdef RLIMIT_AS
++ rl = config.getLimitAS();
++ if(rl.rlim_cur != SUPHP_LIMIT_UNDEFINED && rl.rlim_max != SUPHP_LIMIT_UNDEFINED)
++ setrlimit(RLIMIT_AS, &rl);
++#endif
++#ifdef RLIMIT_CORE
++ rl = config.getLimitCore();
++ if(rl.rlim_cur != SUPHP_LIMIT_UNDEFINED && rl.rlim_max != SUPHP_LIMIT_UNDEFINED)
++ setrlimit(RLIMIT_CORE, &rl);
++#endif
++#ifdef RLIMIT_CPU
++ rl = config.getLimitCPU();
++ if(rl.rlim_cur != SUPHP_LIMIT_UNDEFINED && rl.rlim_max != SUPHP_LIMIT_UNDEFINED)
++ setrlimit(RLIMIT_CPU, &rl);
++#endif
++#ifdef RLIMIT_DATA
++ rl = config.getLimitData();
++ if(rl.rlim_cur != SUPHP_LIMIT_UNDEFINED && rl.rlim_max != SUPHP_LIMIT_UNDEFINED)
++ setrlimit(RLIMIT_DATA, &rl);
++#endif
++#ifdef RLIMIT_FSIZE
++ rl = config.getLimitFSize();
++ if(rl.rlim_cur != SUPHP_LIMIT_UNDEFINED && rl.rlim_max != SUPHP_LIMIT_UNDEFINED)
++ setrlimit(RLIMIT_FSIZE, &rl);
++#endif
++#ifdef RLIMIT_LOCKS
++ rl = config.getLimitLocks();
++ if(rl.rlim_cur != SUPHP_LIMIT_UNDEFINED && rl.rlim_max != SUPHP_LIMIT_UNDEFINED)
++ setrlimit(RLIMIT_LOCKS, &rl);
++#endif
++#ifdef RLIMIT_MEMLOCK
++ rl = config.getLimitMemLock();
++ if(rl.rlim_cur != SUPHP_LIMIT_UNDEFINED && rl.rlim_max != SUPHP_LIMIT_UNDEFINED)
++ setrlimit(RLIMIT_MEMLOCK, &rl);
++#endif
++#ifdef RLIMIT_MSGQUEUE
++ rl = config.getLimitMsgQueue();
++ if(rl.rlim_cur != SUPHP_LIMIT_UNDEFINED && rl.rlim_max != SUPHP_LIMIT_UNDEFINED)
++ setrlimit(RLIMIT_MSGQUEUE, &rl);
++#endif
++#ifdef RLIMIT_NICE
++ rl = config.getLimitNice();
++ if(rl.rlim_cur != SUPHP_LIMIT_UNDEFINED && rl.rlim_max != SUPHP_LIMIT_UNDEFINED) {
++ setrlimit(RLIMIT_NICE, &rl);
++ nice(rl.rlim_cur);
++ }
++#endif
++#ifdef RLIMIT_NOFILE
++ rl = config.getLimitNoFile();
++ if(rl.rlim_cur != SUPHP_LIMIT_UNDEFINED && rl.rlim_max != SUPHP_LIMIT_UNDEFINED)
++ setrlimit(RLIMIT_NOFILE, &rl);
++#endif
++#ifdef RLIMIT_NPROC
++ rl = config.getLimitNProc();
++ if(rl.rlim_cur != SUPHP_LIMIT_UNDEFINED && rl.rlim_max != SUPHP_LIMIT_UNDEFINED)
++ setrlimit(RLIMIT_NPROC, &rl);
++#endif
++#ifdef RLIMIT_RTPRIO
++ rl = config.getLimitRtPrio();
++ if(rl.rlim_cur != SUPHP_LIMIT_UNDEFINED && rl.rlim_max != SUPHP_LIMIT_UNDEFINED)
++ setrlimit(RLIMIT_RTPRIO, &rl);
++#endif
++#ifdef RLIMIT_SIGPENDING
++ rl = config.getLimitSigPending();
++ if(rl.rlim_cur != SUPHP_LIMIT_UNDEFINED && rl.rlim_max != SUPHP_LIMIT_UNDEFINED)
++ setrlimit(RLIMIT_SIGPENDING, &rl);
++#endif
++#ifdef RLIMIT_STACK
++ rl = config.getLimitStack();
++ if(rl.rlim_cur != SUPHP_LIMIT_UNDEFINED && rl.rlim_max != SUPHP_LIMIT_UNDEFINED)
++ setrlimit(RLIMIT_STACK, &rl);
++#endif
++ // END -- TuxFamily limits patch
++
+ // Set new group first, because we still need super-user privileges
+ // for this
+ api.setProcessGroup(targetGroup);
+diff -Nru a/src/Configuration.cpp b/src/Configuration.cpp
+--- a/src/Configuration.cpp 2009-08-03 14:38:38.000000000 +0000
++++ b/src/Configuration.cpp 2011-04-17 10:15:55.000000000 +0000
+@@ -20,6 +20,9 @@
+
+ #include <string>
+ #include <vector>
++// BEGIN -- TuxFamily limits patch
++#include <sstream>
++// END -- TuxFamily limits patch
+
+ #include "IniFile.hpp"
+ #include "Util.hpp"
+@@ -65,6 +68,29 @@
+ }
+
+
++// BEGIN -- TuxFamily limits patch
++rlim_t suPHP::Configuration::strToLimit(const std::string& bstr) {
++
++ std::string str = bstr;
++ // Convert upper characters to lower characters
++ for (int i=0; i<str.size(); i++) {
++ if (str[i] >= 65 && str[i] <= 90)
++ str[i] += 32;
++ }
++
++ if (str == std::string("unlimited")) {
++ return RLIM_INFINITY;
++ } else {
++ rlim_t lim = SUPHP_LIMIT_UNDEFINED;
++ std::istringstream istr;
++ istr.str(str);
++ istr >> lim;
++ return lim;
++ }
++}
++// END -- TuxFamily limits patch
++
++
+ LogLevel suPHP::Configuration::strToLogLevel(const std::string& str) const
+ throw (ParsingException) {
+ if (str == "none")
+@@ -112,6 +138,36 @@
+ #endif
+ this->umask = 0077;
+ this->chroot_path = "";
++ // BEGIN -- TuxFamily limits patch
++ this->limit_as.rlim_cur = SUPHP_LIMIT_UNDEFINED;
++ this->limit_as.rlim_max = SUPHP_LIMIT_UNDEFINED;
++ this->limit_core.rlim_cur = SUPHP_LIMIT_UNDEFINED;
++ this->limit_core.rlim_max = SUPHP_LIMIT_UNDEFINED;
++ this->limit_cpu.rlim_cur = SUPHP_LIMIT_UNDEFINED;
++ this->limit_cpu.rlim_max = SUPHP_LIMIT_UNDEFINED;
++ this->limit_data.rlim_cur = SUPHP_LIMIT_UNDEFINED;
++ this->limit_data.rlim_max = SUPHP_LIMIT_UNDEFINED;
++ this->limit_fsize.rlim_cur = SUPHP_LIMIT_UNDEFINED;
++ this->limit_fsize.rlim_max = SUPHP_LIMIT_UNDEFINED;
++ this->limit_locks.rlim_cur = SUPHP_LIMIT_UNDEFINED;
++ this->limit_locks.rlim_max = SUPHP_LIMIT_UNDEFINED;
++ this->limit_memlock.rlim_cur = SUPHP_LIMIT_UNDEFINED;
++ this->limit_memlock.rlim_max = SUPHP_LIMIT_UNDEFINED;
++ this->limit_msgqueue.rlim_cur = SUPHP_LIMIT_UNDEFINED;
++ this->limit_msgqueue.rlim_max = SUPHP_LIMIT_UNDEFINED;
++ this->limit_nice.rlim_cur = SUPHP_LIMIT_UNDEFINED;
++ this->limit_nice.rlim_max = SUPHP_LIMIT_UNDEFINED;
++ this->limit_nofile.rlim_cur = SUPHP_LIMIT_UNDEFINED;
++ this->limit_nofile.rlim_max = SUPHP_LIMIT_UNDEFINED;
++ this->limit_nproc.rlim_cur = SUPHP_LIMIT_UNDEFINED;
++ this->limit_nproc.rlim_max = SUPHP_LIMIT_UNDEFINED;
++ this->limit_rtprio.rlim_cur = SUPHP_LIMIT_UNDEFINED;
++ this->limit_rtprio.rlim_max = SUPHP_LIMIT_UNDEFINED;
++ this->limit_sigpending.rlim_cur = SUPHP_LIMIT_UNDEFINED;
++ this->limit_sigpending.rlim_max = SUPHP_LIMIT_UNDEFINED;
++ this->limit_stack.rlim_cur = SUPHP_LIMIT_UNDEFINED;
++ this->limit_stack.rlim_max = SUPHP_LIMIT_UNDEFINED;
++ // END -- TuxFamily limits patch
+ }
+
+ void suPHP::Configuration::readFromFile(File& file)
+@@ -178,7 +234,130 @@
+ this->handlers.insert(p);
+ }
+ }
+-
++
++ // BEGIN -- TuxFamily limits patch
++ // Get limits
++ if (ini.hasSection("limits")) {
++ IniSection sect = ini.getSection("limits");
++ std::vector<std::string> keys = sect.getKeys();
++ std::vector<std::string>::iterator i;
++ for (i = keys.begin(); i < keys.end(); i++) {
++ std::string key = *i;
++ std::string value = sect.getValue(key);
++
++ if (key == "as_soft") {
++ this->limit_as.rlim_cur = this->strToLimit(value);
++ if(this->limit_as.rlim_cur != RLIM_INFINITY)
++ this->limit_as.rlim_cur <<= 10;
++ }
++ else if (key == "as_hard") {
++ this->limit_as.rlim_max = this->strToLimit(value);
++ if(this->limit_as.rlim_max != RLIM_INFINITY)
++ this->limit_as.rlim_max <<= 10;
++ }
++
++ else if (key == "core_soft") {
++ this->limit_core.rlim_cur = this->strToLimit(value);
++ if(this->limit_core.rlim_cur != RLIM_INFINITY)
++ this->limit_core.rlim_cur <<= 10;
++ }
++ else if (key == "core_hard") {
++ this->limit_core.rlim_max = this->strToLimit(value);
++ if(this->limit_core.rlim_max != RLIM_INFINITY)
++ this->limit_core.rlim_max <<= 10;
++ }
++
++ else if (key == "cpu_soft")
++ this->limit_cpu.rlim_cur = this->strToLimit(value);
++ else if (key == "cpu_hard")
++ this->limit_cpu.rlim_max = this->strToLimit(value);
++
++ else if (key == "data_soft") {
++ this->limit_data.rlim_cur = this->strToLimit(value);
++ if(this->limit_data.rlim_cur != RLIM_INFINITY)
++ this->limit_data.rlim_cur <<= 10;
++ }
++ else if (key == "data_hard") {
++ this->limit_data.rlim_max = this->strToLimit(value);
++ if(this->limit_data.rlim_max != RLIM_INFINITY)
++ this->limit_data.rlim_max <<= 10;
++ }
++
++ else if (key == "fsize_soft")
++ this->limit_fsize.rlim_cur = this->strToLimit(value);
++ else if (key == "fsize_hard")
++ this->limit_fsize.rlim_max = this->strToLimit(value);
++
++ else if (key == "locks_soft")
++ this->limit_locks.rlim_cur = this->strToLimit(value);
++ else if (key == "locks_hard")
++ this->limit_locks.rlim_max = this->strToLimit(value);
++
++ else if (key == "memlock_soft") {
++ this->limit_memlock.rlim_cur = this->strToLimit(value);
++ if(this->limit_memlock.rlim_cur != RLIM_INFINITY)
++ this->limit_memlock.rlim_cur <<= 10;
++ }
++ else if (key == "memlock_hard") {
++ this->limit_memlock.rlim_max = this->strToLimit(value);
++ if(this->limit_memlock.rlim_max != RLIM_INFINITY)
++ this->limit_memlock.rlim_max <<= 10;
++ }
++
++ else if (key == "msgqueue_soft") {
++ this->limit_msgqueue.rlim_cur = this->strToLimit(value);
++ if(this->limit_msgqueue.rlim_cur != RLIM_INFINITY)
++ this->limit_msgqueue.rlim_cur <<= 10;
++ }
++ else if (key == "msgqueue_hard") {
++ this->limit_msgqueue.rlim_max = this->strToLimit(value);
++ if(this->limit_msgqueue.rlim_max != RLIM_INFINITY)
++ this->limit_msgqueue.rlim_max <<= 10;
++ }
++
++ else if (key == "nice_soft")
++ this->limit_nice.rlim_cur = this->strToLimit(value);
++ else if (key == "nice_hard")
++ this->limit_nice.rlim_max = this->strToLimit(value);
++
++ else if (key == "nofile_soft")
++ this->limit_nofile.rlim_cur = this->strToLimit(value);
++ else if (key == "nofile_hard")
++ this->limit_nofile.rlim_max = this->strToLimit(value);
++
++ else if (key == "nproc_soft")
++ this->limit_nproc.rlim_cur = this->strToLimit(value);
++ else if (key == "nproc_hard")
++ this->limit_nproc.rlim_max = this->strToLimit(value);
++
++ else if (key == "rtprio_soft")
++ this->limit_rtprio.rlim_cur = this->strToLimit(value);
++ else if (key == "rtprio_hard")
++ this->limit_rtprio.rlim_max = this->strToLimit(value);
++
++ else if (key == "sigpending_soft")
++ this->limit_sigpending.rlim_cur = this->strToLimit(value);
++ else if (key == "sigpending_hard")
++ this->limit_sigpending.rlim_max = this->strToLimit(value);
++
++ else if (key == "stack_soft") {
++ this->limit_stack.rlim_cur = this->strToLimit(value);
++ if(this->limit_stack.rlim_cur != RLIM_INFINITY)
++ this->limit_stack.rlim_cur <<= 10;
++ }
++ else if (key == "stack_hard") {
++ this->limit_stack.rlim_max = this->strToLimit(value);
++ if(this->limit_stack.rlim_max != RLIM_INFINITY)
++ this->limit_stack.rlim_max <<= 10;
++ }
++
++ else
++ throw ParsingException("Unknown option \"" + key +
++ "\" in section [global]",
++ __FILE__, __LINE__);
++ }
++ }
++ // END -- TuxFamily limits patch
+ }
+
+ std::string suPHP::Configuration::getLogfile() const {
+@@ -250,3 +429,61 @@
+ std::string suPHP::Configuration::getChrootPath() const {
+ return this->chroot_path;
+ }
++
++// BEGIN -- TuxFamily limits patch
++struct rlimit suPHP::Configuration::getLimitAS() const {
++ return this->limit_as;
++}
++
++struct rlimit suPHP::Configuration::getLimitCore() const {
++ return this->limit_core;
++}
++
++struct rlimit suPHP::Configuration::getLimitCPU() const {
++ return this->limit_cpu;
++}
++
++struct rlimit suPHP::Configuration::getLimitData() const {
++ return this->limit_data;
++}
++
++struct rlimit suPHP::Configuration::getLimitFSize() const {
++ return this->limit_fsize;
++}
++
++struct rlimit suPHP::Configuration::getLimitLocks() const {
++ return this->limit_locks;
++}
++
++struct rlimit suPHP::Configuration::getLimitMemLock() const {
++ return this->limit_memlock;
++}
++
++struct rlimit suPHP::Configuration::getLimitMsgQueue() const {
++ return this->limit_msgqueue;
++}
++
++struct rlimit suPHP::Configuration::getLimitNice() const {
++ return this->limit_nice;
++}
++
++struct rlimit suPHP::Configuration::getLimitNoFile() const {
++ return this->limit_nofile;
++}
++
++struct rlimit suPHP::Configuration::getLimitNProc() const {
++ return this->limit_nproc;
++}
++
++struct rlimit suPHP::Configuration::getLimitRtPrio() const {
++ return this->limit_rtprio;
++}
++
++struct rlimit suPHP::Configuration::getLimitSigPending() const {
++ return this->limit_sigpending;
++}
++
++struct rlimit suPHP::Configuration::getLimitStack() const {
++ return this->limit_stack;
++}
++// END -- TuxFamily limits patch
+diff -Nru a/src/Configuration.hpp b/src/Configuration.hpp
+--- a/src/Configuration.hpp 2009-08-03 14:38:38.000000000 +0000
++++ b/src/Configuration.hpp 2011-04-17 11:21:42.000000000 +0000
+@@ -30,6 +30,11 @@
+ #include <map>
+ #include <vector>
+
++// BEGIN -- TuxFamily limits patch
++#include <sys/resource.h>
++#define SUPHP_LIMIT_UNDEFINED -34826
++// END -- TuxFamily limits patch
++
+ #include "ParsingException.hpp"
+ #include "IOException.hpp"
+ #include "File.hpp"
+@@ -59,6 +64,23 @@
+ int umask;
+ std::string chroot_path;
+
++ // BEGIN -- TuxFamily limits patch
++ struct rlimit limit_as;
++ struct rlimit limit_core;
++ struct rlimit limit_cpu;
++ struct rlimit limit_data;
++ struct rlimit limit_fsize;
++ struct rlimit limit_locks;
++ struct rlimit limit_memlock;
++ struct rlimit limit_msgqueue;
++ struct rlimit limit_nice;
++ struct rlimit limit_nofile;
++ struct rlimit limit_nproc;
++ struct rlimit limit_rtprio;
++ struct rlimit limit_sigpending;
++ struct rlimit limit_stack;
++ // END -- TuxFamily limits patch
++
+ /**
+ * Converts string to bool
+ */
+@@ -70,6 +92,11 @@
+ LogLevel strToLogLevel(const std::string& str) const
+ throw (ParsingException);
+
++ // BEGIN -- TuxFamily limits patch
++ // Convert limit value to rlim_t
++ rlim_t strToLimit(const std::string& bstr);
++ // END -- TuxFamily limits patch
++
+ public:
+ /**
+ * Constructor, initializes configuration with default values.
+@@ -166,6 +193,24 @@
+ * Return chroot path
+ */
+ std::string getChrootPath() const;
++
++ // BEGIN -- TuxFamily limits patch
++ // Accessor methods to fetch limit values
++ struct rlimit getLimitAS() const;
++ struct rlimit getLimitCore() const;
++ struct rlimit getLimitCPU() const;
++ struct rlimit getLimitData() const;
++ struct rlimit getLimitFSize() const;
++ struct rlimit getLimitLocks() const;
++ struct rlimit getLimitMemLock() const;
++ struct rlimit getLimitMsgQueue() const;
++ struct rlimit getLimitNice() const;
++ struct rlimit getLimitNoFile() const;
++ struct rlimit getLimitNProc() const;
++ struct rlimit getLimitRtPrio() const;
++ struct rlimit getLimitSigPending() const;
++ struct rlimit getLimitStack() const;
++ // END -- TuxFamily limits patch
+ };
+ };
+
Deleted: trunk/vhffs-packages/patches/suphp/12_TuxFamily-suphp-0.6.2-3-add-targetmode-execute.dpatch
===================================================================
--- trunk/vhffs-packages/patches/suphp/12_TuxFamily-suphp-0.6.2-3-add-targetmode-execute.dpatch 2011-04-17 00:01:42 UTC (rev 1659)
+++ trunk/vhffs-packages/patches/suphp/12_TuxFamily-suphp-0.6.2-3-add-targetmode-execute.dpatch 2011-04-17 11:43:07 UTC (rev 1660)
@@ -1,43 +0,0 @@
-#! /bin/sh /usr/share/dpatch/dpatch-run
-## 12_TuxFamily-suphp-0.6.2-3-add-targetmode-execute.patch
-##
-## All lines beginning with `## DP:' are a description of the patch.
-## DP: TuxFamily patch to add support for executing scripts with a chosen interpreter
-
-@DPATCH@
-diff -Nru a/src/Application.cpp b/src/Application.cpp
---- a/src/Application.cpp 2006-02-05 21:21:03.000000000 +0100
-+++ b/src/Application.cpp 2009-03-19 00:22:58.000000000 +0100
-@@ -447,6 +447,8 @@
- return TARGETMODE_PHP;
- else if (interpreter == "execute:!self")
- return TARGETMODE_SELFEXECUTE;
-+ else if (interpreter.substr(0, 8) == "execute:")
-+ return TARGETMODE_EXECUTE;
- else
- throw SecurityException("Unknown Interpreter: " + interpreter,
- __FILE__, __LINE__);
-@@ -472,6 +474,12 @@
- CommandLine cline;
- cline.putArgument(scriptFilename);
- API_Helper::getSystemAPI().execute(scriptFilename, cline, env);
-+ } else if (mode == TARGETMODE_EXECUTE) {
-+ std::string interpreterPath = interpreter.substr(8);
-+ CommandLine cline;
-+ cline.putArgument(interpreterPath);
-+ cline.putArgument(scriptFilename);
-+ API_Helper::getSystemAPI().execute(interpreterPath, cline, env);
- }
- } catch (SystemException& e) {
- throw SoftException("Could not execute script \"" + scriptFilename
-diff -Nru a/src/Application.hpp b/src/Application.hpp
---- a/src/Application.hpp 2005-02-27 18:53:05.000000000 +0100
-+++ b/src/Application.hpp 2009-03-19 00:22:58.000000000 +0100
-@@ -26,6 +26,7 @@
-
- enum TargetMode {
- TARGETMODE_PHP,
-+ TARGETMODE_EXECUTE,
- TARGETMODE_SELFEXECUTE
- };
-
Added: trunk/vhffs-packages/patches/suphp/12_TuxFamily-suphp-0.7.1-1-add-targetmode-execute.dpatch
===================================================================
--- trunk/vhffs-packages/patches/suphp/12_TuxFamily-suphp-0.7.1-1-add-targetmode-execute.dpatch (rev 0)
+++ trunk/vhffs-packages/patches/suphp/12_TuxFamily-suphp-0.7.1-1-add-targetmode-execute.dpatch 2011-04-17 11:43:07 UTC (rev 1660)
@@ -0,0 +1,43 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 12_TuxFamily-suphp-0.7.1-1-add-targetmode-execute.dpatch
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: TuxFamily patch to add support for executing scripts with a chosen interpreter
+
+@DPATCH@
+diff -Nru a/src/Application.cpp b/src/Application.cpp
+--- a/src/Application.cpp 2011-04-17 11:27:28.000000000 +0000
++++ b/src/Application.cpp 2011-04-17 11:30:19.000000000 +0000
+@@ -583,6 +583,8 @@
+ return TARGETMODE_PHP;
+ else if (interpreter == "execute:!self")
+ return TARGETMODE_SELFEXECUTE;
++ else if (interpreter.substr(0, 8) == "execute:")
++ return TARGETMODE_EXECUTE;
+ else
+ throw SecurityException("Unknown Interpreter: " + interpreter,
+ __FILE__, __LINE__);
+@@ -608,6 +610,12 @@
+ CommandLine cline;
+ cline.putArgument(scriptFilename);
+ API_Helper::getSystemAPI().execute(scriptFilename, cline, env);
++ } else if (mode == TARGETMODE_EXECUTE) {
++ std::string interpreterPath = interpreter.substr(8);
++ CommandLine cline;
++ cline.putArgument(interpreterPath);
++ cline.putArgument(scriptFilename);
++ API_Helper::getSystemAPI().execute(interpreterPath, cline, env);
+ }
+ } catch (SystemException& e) {
+ throw SoftException("Could not execute script \"" + scriptFilename
+diff -Nru a/src/Application.hpp b/src/Application.hpp
+--- a/src/Application.hpp 2011-04-17 10:15:36.000000000 +0000
++++ b/src/Application.hpp 2011-04-17 11:27:40.000000000 +0000
+@@ -26,6 +26,7 @@
+
+ enum TargetMode {
+ TARGETMODE_PHP,
++ TARGETMODE_EXECUTE,
+ TARGETMODE_SELFEXECUTE
+ };
+