Module: Landlock::Rlimits
- Defined in:
- lib/landlock/rlimits.rb
Constant Summary collapse
- VALID_NAMES =
%i[cpu_seconds memory_bytes file_size_bytes open_files processes].freeze
Class Method Summary collapse
Class Method Details
.apply!(rlimits) ⇒ Object
23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 |
# File 'lib/landlock/rlimits.rb', line 23 def apply!(rlimits) rlimits.each do |key, value| case key when :cpu_seconds ::Process.setrlimit(:CPU, value, value) when :memory_bytes ::Process.setrlimit(:AS, value, value) when :file_size_bytes ::Process.setrlimit(:FSIZE, value, value) when :open_files ::Process.setrlimit(:NOFILE, value, value) when :processes ::Process.setrlimit(:NPROC, value, value) end end end |
.normalize(rlimits) ⇒ Object
9 10 11 12 13 14 15 16 17 18 19 20 21 |
# File 'lib/landlock/rlimits.rb', line 9 def normalize(rlimits) Array(rlimits).filter_map do |name, value| next if value.nil? key = name.to_sym raise ArgumentError, "Unknown rlimit: #{name}" if !VALID_NAMES.include?(key) value = Integer(value) raise ArgumentError, "rlimit #{name} must be non-negative" if value.negative? [key, value] end end |