mirrors/pipewire
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/pipewire/pipewire.git synced 2025-11-10 13:30:05 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

RLIMITs: add support for generating limits.d files

Browse source 
This commit implements generating /etc/security/limits.d/20-pw-defaults.conf and
/etc/security/limits.d/25-pw-rlimits.conf files. The numbering is arbitrary and
may very well warrant being in the reverse order, however `man 5 limits.conf`
does not appear to specify the parsing order or even say exactly how multiples
matches will resolve, so the value can be adjusted later, if required.

The actual limit values, the match rule and even whether each file is to be
installed can be changed via the build system before compilation. Likewise
the files can be modified or (re)moved during distro package building phase.

The 20-pw-defaults.conf should only be installed on legacy systems lacking both
a modern kernel and up to date systemd, because all it does is set the current
Linux default. Accordingly its not installed by default.

Signed-off-by: Niklāvs Koļesņikovs <89q1r14hd@relay.firefox.com>
This commit is contained in:
Niklāvs Koļesņikovs 2023-02-07 00:26:03 +02:00
parent d082ec0809
commit 5e0bfa0beb
No known key found for this signature in database
GPG key ID: 8A45FF71F7C7210A
5 changed files with 85 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

23
src/modules/module-rt/meson.build Normal file
View file

@ -0,0 +1,23 @@
rlimits_install = get_option('rlimits-install')
rlimits_data = configuration_data()
rlimits_data.set('MATCH', get_option('rlimits-match'))
rlimits_data.set('RTPRIO', get_option('rlimits-rtprio'))
rlimits_data.set('NICE', get_option('rlimits-nice'))
rlimits_data.set('MEMLOCK', get_option('rlimits-memlock'))
configure_file(input: '25-pw-rlimits.conf.in',
output: '25-pw-rlimits.conf',
install: rlimits_install,
install_dir: get_option('sysconfdir') / 'security' / 'limits.d',
configuration: rlimits_data)
summary({'RLIMITs': '@0@ limits.d file affecting matching PAM users'.format(rlimits_install ? 'with' : 'without')})
# The pam-defaults-install related code can be removed once all Linux <5.16 kernels are EOL (projected Dec, 2026)
pam_defaults_install = get_option('pam-defaults-install')
pam_defaults_data = configuration_data()
pam_defaults_data.set('PAM_MEMLOCK', get_option('pam-memlock-default'))
configure_file(input: '20-pw-defaults.conf.in',
output: '20-pw-defaults.conf',
install: pam_defaults_install,
install_dir: get_option('sysconfdir') / 'security' / 'limits.d',
configuration: pam_defaults_data)
summary({'PAM defaults': '@0@ limits.d file affecting all PAM users (not needed with modern systemd or kernel)'.format(pam_defaults_install ? 'with' : 'without')})