diff options
Diffstat (limited to 'usr.sbin')
-rw-r--r-- | usr.sbin/bgpd/rde.c | 11 | ||||
-rw-r--r-- | usr.sbin/bgpd/session.c | 11 |
2 files changed, 20 insertions, 2 deletions
diff --git a/usr.sbin/bgpd/rde.c b/usr.sbin/bgpd/rde.c index 76bfc7a9a76..e67c3e631c6 100644 --- a/usr.sbin/bgpd/rde.c +++ b/usr.sbin/bgpd/rde.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rde.c,v 1.303 2010/11/30 15:33:06 claudio Exp $ */ +/* $OpenBSD: rde.c,v 1.304 2010/12/23 17:41:40 claudio Exp $ */ /* * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org> @@ -18,6 +18,8 @@ #include <sys/types.h> #include <sys/socket.h> +#include <sys/time.h> +#include <sys/resource.h> #include <errno.h> #include <ifaddrs.h> @@ -156,6 +158,7 @@ pid_t rde_main(int pipe_m2r[2], int pipe_s2r[2], int pipe_m2s[2], int pipe_s2rctl[2], int debug) { + struct rlimit rl; pid_t pid; struct passwd *pw; struct pollfd *pfd = NULL; @@ -185,6 +188,12 @@ rde_main(int pipe_m2r[2], int pipe_s2r[2], int pipe_m2s[2], int pipe_s2rctl[2], setproctitle("route decision engine"); bgpd_process = PROC_RDE; + if (getrlimit(RLIMIT_DATA, &rl) == -1) + fatal("getrlimit"); + rl.rlim_cur = rl.rlim_max; + if (setrlimit(RLIMIT_DATA, &rl) == -1) + fatal("setrlimit"); + if (setgroups(1, &pw->pw_gid) || setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) || setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid)) diff --git a/usr.sbin/bgpd/session.c b/usr.sbin/bgpd/session.c index 79a2b2ef33f..9cd2b9b9427 100644 --- a/usr.sbin/bgpd/session.c +++ b/usr.sbin/bgpd/session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: session.c,v 1.315 2010/12/09 13:50:41 claudio Exp $ */ +/* $OpenBSD: session.c,v 1.316 2010/12/23 17:41:40 claudio Exp $ */ /* * Copyright (c) 2003, 2004, 2005 Henning Brauer <henning@openbsd.org> @@ -21,6 +21,8 @@ #include <sys/mman.h> #include <sys/socket.h> +#include <sys/time.h> +#include <sys/resource.h> #include <sys/un.h> #include <net/if_types.h> #include <netinet/in.h> @@ -178,6 +180,7 @@ pid_t session_main(int pipe_m2s[2], int pipe_s2r[2], int pipe_m2r[2], int pipe_s2rctl[2]) { + struct rlimit rl; int nfds, timeout, pfkeysock; unsigned int i, j, idx_peers, idx_listeners, idx_mrts; pid_t pid; @@ -214,6 +217,12 @@ session_main(int pipe_m2s[2], int pipe_s2r[2], int pipe_m2r[2], setproctitle("session engine"); bgpd_process = PROC_SE; + if (getrlimit(RLIMIT_NOFILE, &rl) == -1) + fatal("getrlimit"); + rl.rlim_cur = rl.rlim_max; + if (setrlimit(RLIMIT_NOFILE, &rl) == -1) + fatal("setrlimit"); + pfkeysock = pfkey_init(&sysdep); if (setgroups(1, &pw->pw_gid) || |