mirror of
https://github.com/hackerschoice/segfault.git
synced 2024-06-29 18:21:22 +00:00
asdf
This commit is contained in:
parent
e4a62fc9dd
commit
0496560938
4
Makefile
4
Makefile
@ -1,4 +1,4 @@
|
||||
VER := 0.3.3d
|
||||
VER := 0.3.4
|
||||
|
||||
all:
|
||||
make -C guest
|
||||
@ -48,6 +48,8 @@ FILES_PROVISION += "segfault-$(VER)/provision/funcs_al2.sh"
|
||||
FILES_PROVISION += "segfault-$(VER)/provision/funcs_ubuntu.sh"
|
||||
FILES_PROVISION += "segfault-$(VER)/provision/init-linux.sh"
|
||||
FILES_PROVISION += "segfault-$(VER)/provision/system/funcs"
|
||||
FILES_PROVISION += "segfault-$(VER)/provision/system/docker_limit.slice"
|
||||
FILES_PROVISION += "segfault-$(VER)/provision/system/daemon.json"
|
||||
FILES_PROVISION += "segfault-$(VER)/provision/env.example"
|
||||
|
||||
FILES_ENCFSD += "segfault-$(VER)/encfsd/Makefile"
|
||||
|
@ -26,7 +26,7 @@ do_exit_err()
|
||||
xmkdir()
|
||||
{
|
||||
[[ -z $1 ]] && return 255
|
||||
[[ -d "$1" ]] && return
|
||||
[[ -d "$1" ]] && return 0
|
||||
mkdir "$1"
|
||||
}
|
||||
|
||||
@ -37,6 +37,7 @@ encfs_mkdir()
|
||||
local name
|
||||
local secdir
|
||||
local rawdir
|
||||
|
||||
name="$1"
|
||||
secdir="$2"
|
||||
rawdir="$3"
|
||||
@ -162,13 +163,15 @@ redis_loop_forever()
|
||||
secdir="/encfs/sec/user-${name}"
|
||||
rawdir="/encfs/raw/user/user-${name}"
|
||||
encfs_mkdir "${name}" "${secdir}" "${rawdir}"
|
||||
[[ $? -eq 1 ]] && mount_done "${name}" "${reqid}"
|
||||
[[ $? -ne 0 ]] && continue
|
||||
ret=$?
|
||||
[[ $ret -eq 1 ]] && mount_done "${name}" "${reqid}"
|
||||
[[ $ret -ne 0 ]] && continue
|
||||
|
||||
# HERE: Not yet mounted.
|
||||
# Set XFS limits
|
||||
load_limits "${name}"
|
||||
[[ -n $SF_USER_FS_INODE_MAX ]] || [[ -n $SF_USER_FS_BYTES_MAX ]] && {
|
||||
|
||||
SF_NUM=$(<"/config/db/db-${name}/num") || continue
|
||||
SF_HOSTNAME=$(<"/config/db/db-${name}/hostname") || continue
|
||||
prjid=$((SF_NUM + 10000000))
|
||||
@ -178,6 +181,7 @@ redis_loop_forever()
|
||||
is_xfs_limit=1
|
||||
}
|
||||
|
||||
|
||||
# Mount if not already mounted. Continue on error (let client hang)
|
||||
encfs_mount "${name}" "${secret}" "${secdir}" "${rawdir}" "noatime" "/sec (INODE_MAX=${SF_USER_FS_INODE_MAX}, BYTES_MAX=${SF_USER_FS_BYTES_MAX})" || continue
|
||||
|
||||
|
@ -81,7 +81,7 @@ RUN apt-get update -y \
|
||||
&& DEBIAN_FRONTEND=noninteractive /pkg-install.sh HACK apt-get install -y --no-install-recommends \
|
||||
assetfinder \
|
||||
dnsmap \
|
||||
fuff \
|
||||
ffuf \
|
||||
hydra \
|
||||
gobuster \
|
||||
irssi \
|
||||
|
@ -212,8 +212,10 @@ docker_config()
|
||||
xinstall daemon.json /etc/docker/
|
||||
xinstall docker_limit.slice /etc/systemd/system/ && {
|
||||
ncpu=$(nproc)
|
||||
[[ -n $ncpu ]] && ncpu=1
|
||||
sed "s/CPUQuota=.*/CPUQuota=${ncpu}00%/" -i /etc/systemd/system/docker_limit.slice
|
||||
[[ -z $ncpu ]] && ncpu=1
|
||||
# Always reserver 5% for host
|
||||
maxp=$((ncpu * 100 - 5))
|
||||
sed "s/CPUQuota=.*/CPUQuota=${maxp}%/" -i /etc/systemd/system/docker_limit.slice
|
||||
sed 's/^Restart=always.*$/Restart=on-failure\nSlice=docker_limit.slice/' -i /lib/systemd/system/docker.service
|
||||
sed 's/^OOMScoreAdjust=.*$/OOMScoreAdjust=-1000/' -i /lib/systemd/system/docker.service
|
||||
}
|
||||
|
2
sfbin/sf
2
sfbin/sf
@ -34,7 +34,7 @@ xfs_init_quota()
|
||||
|
||||
command -v xfs_quota &>/dev/null || { WARN "[${prj}] XFS-QUOTA not set"; return 255; }
|
||||
|
||||
grep "^${prj}" /etc/projid >/dev/null || echo "${prj}:${id}" >>/etc/projid
|
||||
grep "^${prj}" /etc/projid &>/dev/null || echo "${prj}:${id}" >>/etc/projid
|
||||
# This survives a reboot but maybe our parameters have changed. Set to latest:
|
||||
xfs_quota -x -c "limit -p ihard=${ihard} bhard=${bhard} ${prj}" || { WARN "[${prj}] XFS-QUOTA not set"; return 255; }
|
||||
xfs_quota -x -c "project -s -p${dir} ${prj}" >/dev/null || { WARN "[${prj}] XFS-QUOTA not set"; return 255; }
|
||||
|
Loading…
Reference in New Issue
Block a user