From 02d0e94ef628009b3b4ece58b13f36f85ae0bc59 Mon Sep 17 00:00:00 2001
From: Christer Edwards
Date: Sun, 26 Jan 2020 10:08:42 -0700
Subject: [PATCH] add/remove rctl limits on container start/stop
---
 usr/local/share/bastille/start.sh | 7 +++++++
 usr/local/share/bastille/stop.sh | 7 +++++++
 2 files changed, 14 insertions(+)
diff --git a/usr/local/share/bastille/start.sh b/usr/local/share/bastille/start.sh
index 931be184..a1f5e89b 100644
--- a/usr/local/share/bastille/start.sh
+++ b/usr/local/share/bastille/start.sh
@@ -67,6 +67,13 @@ for _jail in ${JAILS}; do
 echo -e "${COLOR_GREEN}[${_jail}]:${COLOR_RESET}"
 jail -f "${bastille_jailsdir}/${_jail}/jail.conf" -c ${_jail}
 
+ ## add rctl limits
+ if [ -s "${bastille_jailsdir}/${_jail}/rctl.conf" ]; then
+ while read _limits; do
+ rctl -a "${_limits}"
+ done < "${bastille_jailsdir}/${_jail}/rctl.conf"
+ fi
+
 ## add ip4.addr to firewall table:jails
 if [ ! -z "${bastille_jail_loopback}" ]; then
 pfctl -q -t jails -T add $(jls -j ${_jail} ip4.addr)
diff --git a/usr/local/share/bastille/stop.sh b/usr/local/share/bastille/stop.sh
index 93a62ba2..a66d6d07 100644
--- a/usr/local/share/bastille/stop.sh
+++ b/usr/local/share/bastille/stop.sh
@@ -69,6 +69,13 @@ for _jail in ${JAILS}; do
 pfctl -q -t jails -T delete $(jls -j ${_jail} ip4.addr)
 fi
 
+ ## remove rctl limits
+ if [ -s "${bastille_jailsdir}/${_jail}/rctl.conf" ]; then
+ while read _limits; do
+ rctl -r "${_limits}"
+ done < "${bastille_jailsdir}/${_jail}/rctl.conf"
+ fi
+
 ## stop container
 echo -e "${COLOR_GREEN}[${_jail}]:${COLOR_RESET}"
 jail -f "${bastille_jailsdir}/${_jail}/jail.conf" -r ${_jail}
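Review bot: In the start.sh hunk the exit status of `rctl -a` is discarded, so a rule that fails to load (a malformed, blank or comment line in rctl.conf, or presumably a kernel without resource accounting enabled) leaves the jail running with no limit and no message. Report the failure where it happens, e.g. `rctl -a "${_limits}" || echo "[${_jail}]: rctl rule not applied: ${_limits}" >&2`, and read the file with `while IFS= read -r _limits || [ -n "${_limits}" ]; do` so backslashes and an unterminated last line are not lost. Each line is passed through unchecked, so a rule in this file can name any subject; consider accepting only lines that begin with `jail:${_jail}:`. The rules are added only after `jail -c` has returned, so whatever the jail runs at creation is briefly unconstrained. The enclosing `for` loop starts and ends outside the hunk.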
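Review bot: In the stop.sh hunk the limits are removed before the `jail -r` line runs, so the jail's shutdown commands and any remaining processes run unconstrained until the jail is gone; placing the `## remove rctl limits` block after `jail -r` would keep the limits in force for the jail's whole lifetime, provided rctl still accepts the removal at that point. Each line of rctl.conf is used as an `rctl -r` filter, so a file edited since start leaves the previously loaded rules in place, and a short or partial line can match more rules than this jail's. Removing by subject with `rctl -r "jail:${_jail}"` does not depend on the file contents, assuming every rule for this jail uses that subject. The `read` in this loop also lacks `-r`, and the enclosing `for` loop continues outside the hunk.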