Simon McVittie 7eacbfece7 bus: Try to raise soft fd limit to match hard limit ... Linux systems have traditionally set the soft limit to 1024 and the hard limit to 4096. Recent versions of systemd keep the soft fd limit at 1024 to avoid breaking programs that still use select(), but raise the hard limit to 512*1024, while in recent Debian versions a complicated interaction between components gives a soft limit of 1024 and a hard limit of 1024*1024. If we can, we might as well elevate our soft limit to match the hard limit, minimizing the chance that we will run out of file descriptor slots. Unlike the previous code to raise the hard and soft limits to at least 65536, we do this even if we don't have privileges: privileges are unnecessary to raise the soft limit up to the hard limit. If we *do* have privileges, we also continue to raise the hard and soft limits to at least 65536 if they weren't already that high, making it harder to carry out a denial of service attack on the system bus on systems that use the traditional limit (CVE-2014-7824). As was previously the case on the system bus, we'll drop the limits back to our initial limits before we execute a subprocess for traditional (non-systemd) activation, if enabled. systemd activation doesn't involve us starting subprocesses at all, so in both cases activated services will still inherit the same limits they did previously. Reviewed-by: Lennart Poettering <lennart@poettering.net> [smcv: Correct a comment based on Lennart's review, reword commit message] Signed-off-by: Simon McVittie <smcv@collabora.com>		2019-04-18 11:54:48 +01:00
..
legacy-config	On Windows, load local configuration relative to bus setup	2015-10-02 11:24:05 +01:00
systemd-user	bus: Notify systemd when we are ready	2018-03-02 14:48:49 +00:00
sysusers.d	systemd: add sysusers.d snippet for booting up with unpopulated /etc	2017-02-13 14:49:52 +00:00
tmpfiles.d	tmpfiles: Add a note that one line is not needed with newer systemd	2018-01-29 11:59:40 +00:00
.gitignore	.gitignore: Ignore many more generated files	2018-12-14 13:28:50 +00:00
activation-exit-codes.h	trivial: Remove trailing whitespace from copyright notices	2018-12-17 11:22:39 +00:00
activation-helper-bin.c	launch-helper: fix error code parsing	2013-10-09 10:51:39 +01:00
activation-helper.c	activation-helper: Rename bus_config_parser_get_service_dirs	2017-02-21 13:23:37 +00:00
activation-helper.h	trivial: Remove trailing whitespace from copyright notices	2018-12-17 11:22:39 +00:00
activation.c	Configure option to disable traditional activation	2019-03-25 21:51:33 +02:00
activation.h	Mediate auto-activation attempts through AppArmor	2016-11-28 12:11:45 +00:00
apparmor.c	Mediate auto-activation attempts through AppArmor	2016-11-28 12:11:45 +00:00
apparmor.h	Do not auto-activate services if we could not send a message	2016-11-28 12:11:41 +00:00
audit.c	_dbus_change_to_daemon_user (audit code path): set DBusError correctly	2016-08-12 17:34:29 +01:00
audit.h	audit: use DBUS_SYSTEM_LOG_WARNING if we cannot open the audit fd	2015-08-06 17:12:37 +01:00
bus.c	bus: Try to raise soft fd limit to match hard limit	2019-04-18 11:54:48 +01:00
bus.h	bus_context_get_policy: Remove, unused	2018-08-30 17:39:34 +01:00
CMakeLists.txt	cmake: install missing files to keep in sync with autotools builds	2019-03-13 08:56:59 +01:00
config-loader-expat.c	config-loader-expat: Tell Expat not to defend against hash collisions	2017-07-28 11:17:04 +01:00
config-parser-common.c	trivial: Remove trailing whitespace from copyright notices	2018-12-17 11:22:39 +00:00
config-parser-common.h	trivial: Remove trailing whitespace from copyright notices	2018-12-17 11:22:39 +00:00
config-parser-trivial.c	embedded tests: Conform to the same API for all tests	2018-12-17 14:12:59 +00:00
config-parser-trivial.h	trivial: Remove trailing whitespace from copyright notices	2018-12-17 11:22:39 +00:00
config-parser.c	embedded tests: Conform to the same API for all tests	2018-12-17 14:12:59 +00:00
config-parser.h	trivial: Remove trailing whitespace from copyright notices	2018-12-17 11:22:39 +00:00
connection.c	trivial: Remove trailing whitespace from copyright notices	2018-12-17 11:22:39 +00:00
connection.h	trivial: Remove trailing whitespace from copyright notices	2018-12-17 11:22:39 +00:00
containers.c	bus_container_instance_new: Don't leak empty DBusString object	2018-11-19 11:35:22 +00:00
containers.h	containers: Add a method to ask to be sent the connection instance header	2018-02-16 15:27:51 +00:00
dbus.service.in	bus: Notify systemd when we are ready	2018-03-02 14:48:49 +00:00
dbus.socket.in	systemd: enable the dbus service unconditionally	2010-09-06 03:21:17 +02:00
desktop-file.c	trivial: Remove trailing whitespace from copyright notices	2018-12-17 11:22:39 +00:00
desktop-file.h	BusDesktopFile: Refactor logic to free the parser contents	2018-11-20 12:01:12 +00:00
dir-watch-default.c	trivial: Remove trailing whitespace from copyright notices	2018-12-17 11:22:39 +00:00
dir-watch-inotify.c	trivial: Remove trailing whitespace from copyright notices	2018-12-17 11:22:39 +00:00
dir-watch-kqueue.c	trivial: Remove trailing whitespace from copyright notices	2018-12-17 11:22:39 +00:00
dir-watch.h	trivial: Remove trailing whitespace from copyright notices	2018-12-17 11:22:39 +00:00
dispatch.c	Configure option to disable traditional activation	2019-03-25 21:51:33 +02:00
dispatch.h	trivial: Remove trailing whitespace from copyright notices	2018-12-17 11:22:39 +00:00
driver.c	_DBUS_ASSERT_ERROR_XOR_BOOL: Add and use	2018-11-20 12:17:20 +00:00
driver.h	trivial: Remove trailing whitespace from copyright notices	2018-12-17 11:22:39 +00:00
example-session-disable-stats.conf.in	config: add examples to show how to enable/disable the Stats interface	2014-10-01 16:38:40 +01:00
example-system-enable-stats.conf.in	config: add examples to show how to enable/disable the Stats interface	2014-10-01 16:38:40 +01:00
example-system-hardening-without-traditional-activation.conf	Configure option to disable traditional activation	2019-03-25 21:51:33 +02:00
expirelist.c	embedded tests: Conform to the same API for all tests	2018-12-17 14:12:59 +00:00
expirelist.h	Bug 21161 - Update the FSF address	2009-07-14 15:39:47 -04:00
main.c	Don't let dbus-daemon and its subprocesses inherit unnecessary fds	2018-11-20 19:09:18 +00:00
Makefile.am	Configure option to disable traditional activation	2019-03-25 21:51:33 +02:00
org.freedesktop.dbus-session.plist.in	10.4 is old so set more sensible launchd defaults.	2010-12-09 08:20:07 +01:00
policy.c	trivial: Remove trailing whitespace from copyright notices	2018-12-17 11:22:39 +00:00
policy.h	trivial: Remove trailing whitespace from copyright notices	2018-12-17 11:22:39 +00:00
selinux.c	trivial: Remove trailing whitespace from copyright notices	2018-12-17 11:22:39 +00:00
selinux.h	trivial: Remove trailing whitespace from copyright notices	2018-12-17 11:22:39 +00:00
services.c	trivial: Remove trailing whitespace from copyright notices	2018-12-17 11:22:39 +00:00
services.h	trivial: Remove trailing whitespace from copyright notices	2018-12-17 11:22:39 +00:00
session.conf.in	bus: Add (unused) settings for resource limits for containers	2017-12-12 16:22:35 +00:00
signals.c	embedded tests: Conform to the same API for all tests	2018-12-17 14:12:59 +00:00
signals.h	Mediation of processes eavesdropping	2015-02-18 18:59:46 +00:00
stats.c	driver: Share bus_driver_get_conn_helper with other modules	2017-06-29 15:42:20 +01:00
stats.h	Implement GetAllMatchRules on the Stats interface	2014-09-25 12:59:50 +01:00
system.conf.in	system.conf: Allow creating containers on the system bus	2017-12-12 16:22:35 +00:00
test.c	bus tests: Collect possible copyright holders from git history	2019-01-21 15:15:21 +00:00
test.h	bus tests: Collect possible copyright holders from git history	2019-01-21 15:15:21 +00:00
utils.c	trivial: Remove trailing whitespace from copyright notices	2018-12-17 11:22:39 +00:00
utils.h	trivial: Remove trailing whitespace from copyright notices	2018-12-17 11:22:39 +00:00