From 379929e052673055e459792cfc294385a42b58da Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Sur=C3=BD?= <ondrej@isc.org>
Date: Sun, 13 Nov 2022 10:12:52 +0100
Subject: [PATCH] Deprecate setting operating system limits from named.conf

It was possible to set operating system limits (RLIMIT_DATA,
RLIMIT_STACK, RLIMIT_CORE and RLIMIT_NOFILE) from named.conf.  It's
better to leave these untouched as setting these is responsibility of
the operating system and/or supervisor.

Deprecate the configuration options and remove them in future BIND 9
release.
---
 bin/tests/system/checkconf/good.conf.in |  3 ---
 doc/arm/reference.rst                   | 16 ++++++++--------
 doc/man/named.conf.5in                  |  8 ++++----
 doc/misc/options                        |  8 ++++----
 lib/isccfg/namedconf.c                  |  8 ++++----
 5 files changed, 20 insertions(+), 23 deletions(-)

diff --git a/bin/tests/system/checkconf/good.conf.in b/bin/tests/system/checkconf/good.conf.in
index 9ed4ece922..46b15a8559 100644
--- a/bin/tests/system/checkconf/good.conf.in
+++ b/bin/tests/system/checkconf/good.conf.in
@@ -45,12 +45,9 @@ options {
 	blackhole {
 		10.0.0.0/8;
 	};
-	coresize 1073741824;
-	datasize 104857600;
 	directory ".";
 	dscp 41;
 	dump-file "named_dumpdb";
-	files 1000;
 	heartbeat-interval 30;
 	hostname none;
 	interface-interval 30;
diff --git a/doc/arm/reference.rst b/doc/arm/reference.rst
index 38396f03a5..4459e78f2e 100644
--- a/doc/arm/reference.rst
+++ b/doc/arm/reference.rst
@@ -3645,19 +3645,19 @@ gigabyte. ``unlimited`` requests unlimited use, or the maximum available
 amount. ``default`` uses the limit that was in force when the server was
 started. See the description of :term:`size`.
 
-The following options set operating system resource limits for the name
-server process. Some operating systems do not support some or any of the
-limits; on such systems, a warning is issued if an unsupported
-limit is used.
+The following options are deprecated in favor of setting the operating system
+resource limits from the operating system and/or process supervisor, should not
+be used, and will be rendered non-operational in a future release.
+
 
 .. namedconf:statement:: coresize
-   :tags: server
+   :tags: deprecated
    :short: Sets the maximum size of a core dump.
 
    This sets the maximum size of a core dump. The default is ``default``.
 
 .. namedconf:statement:: datasize
-   :tags: server
+   :tags: deprecated
    :short: Sets the maximum amount of data memory that can be used by the server.
 
    This sets the maximum amount of data memory the server may use. The default is
@@ -3672,14 +3672,14 @@ limit is used.
    instead.
 
 .. namedconf:statement:: files
-   :tags: server
+   :tags: deprecated
    :short: Sets the maximum number of files the server may have open concurrently.
 
    This sets the maximum number of files the server may have open concurrently.
    The default is ``unlimited``.
 
 .. namedconf:statement:: stacksize
-   :tags: server
+   :tags: deprecated
    :short: Sets the maximum amount of stack memory that can be used by the server.
 
    This sets the maximum amount of stack memory the server may use. The default is
diff --git a/doc/man/named.conf.5in b/doc/man/named.conf.5in
index 9c72969748..6831f2b329 100644
--- a/doc/man/named.conf.5in
+++ b/doc/man/named.conf.5in
@@ -152,8 +152,8 @@ options {
 	clients\-per\-query <integer>;
 	cookie\-algorithm ( aes | siphash24 );
 	cookie\-secret <string>; // may occur multiple times
-	coresize ( default | unlimited | <sizeval> );
-	datasize ( default | unlimited | <sizeval> );
+	coresize ( default | unlimited | <sizeval> ); // deprecated
+	datasize ( default | unlimited | <sizeval> ); // deprecated
 	deny\-answer\-addresses { <address_match_element>; ... } [ except\-from { <string>; ... } ];
 	deny\-answer\-aliases { <string>; ... } [ except\-from { <string>; ... } ];
 	dialup ( notify | notify\-passive | passive | refresh | <boolean> );
@@ -196,7 +196,7 @@ options {
 	fetch\-quota\-params <integer> <fixedpoint> <fixedpoint> <fixedpoint>;
 	fetches\-per\-server <integer> [ ( drop | fail ) ];
 	fetches\-per\-zone <integer> [ ( drop | fail ) ];
-	files ( default | unlimited | <sizeval> );
+	files ( default | unlimited | <sizeval> ); // deprecated
 	flush\-zones\-on\-shutdown <boolean>;
 	forward ( first | only );
 	forwarders [ port <integer> ] [ dscp <integer> ] { ( <ipv4_address> | <ipv6_address> ) [ port <integer> ] [ dscp <integer> ]; ... };
@@ -331,7 +331,7 @@ options {
 	sig\-signing\-type <integer>;
 	sig\-validity\-interval <integer> [ <integer> ];
 	sortlist { <address_match_element>; ... };
-	stacksize ( default | unlimited | <sizeval> );
+	stacksize ( default | unlimited | <sizeval> ); // deprecated
 	stale\-answer\-client\-timeout ( disabled | off | <integer> );
 	stale\-answer\-enable <boolean>;
 	stale\-answer\-ttl <duration>;
diff --git a/doc/misc/options b/doc/misc/options
index 8857e4f674..00333ae2cf 100644
--- a/doc/misc/options
+++ b/doc/misc/options
@@ -95,8 +95,8 @@ options {
 	clients-per-query <integer>;
 	cookie-algorithm ( aes | siphash24 );
 	cookie-secret <string>; // may occur multiple times
-	coresize ( default | unlimited | <sizeval> );
-	datasize ( default | unlimited | <sizeval> );
+	coresize ( default | unlimited | <sizeval> ); // deprecated
+	datasize ( default | unlimited | <sizeval> ); // deprecated
 	deny-answer-addresses { <address_match_element>; ... } [ except-from { <string>; ... } ];
 	deny-answer-aliases { <string>; ... } [ except-from { <string>; ... } ];
 	dialup ( notify | notify-passive | passive | refresh | <boolean> );
@@ -139,7 +139,7 @@ options {
 	fetch-quota-params <integer> <fixedpoint> <fixedpoint> <fixedpoint>;
 	fetches-per-server <integer> [ ( drop | fail ) ];
 	fetches-per-zone <integer> [ ( drop | fail ) ];
-	files ( default | unlimited | <sizeval> );
+	files ( default | unlimited | <sizeval> ); // deprecated
 	flush-zones-on-shutdown <boolean>;
 	forward ( first | only );
 	forwarders [ port <integer> ] [ dscp <integer> ] { ( <ipv4_address> | <ipv6_address> ) [ port <integer> ] [ dscp <integer> ]; ... };
@@ -274,7 +274,7 @@ options {
 	sig-signing-type <integer>;
 	sig-validity-interval <integer> [ <integer> ];
 	sortlist { <address_match_element>; ... };
-	stacksize ( default | unlimited | <sizeval> );
+	stacksize ( default | unlimited | <sizeval> ); // deprecated
 	stale-answer-client-timeout ( disabled | off | <integer> );
 	stale-answer-enable <boolean>;
 	stale-answer-ttl <duration>;
diff --git a/lib/isccfg/namedconf.c b/lib/isccfg/namedconf.c
index fea1281832..63bc80a89f 100644
--- a/lib/isccfg/namedconf.c
+++ b/lib/isccfg/namedconf.c
@@ -1218,8 +1218,8 @@ static cfg_clausedef_t options_clauses[] = {
 	{ "blackhole", &cfg_type_bracketed_aml, 0 },
 	{ "cookie-algorithm", &cfg_type_cookiealg, 0 },
 	{ "cookie-secret", &cfg_type_sstring, CFG_CLAUSEFLAG_MULTI },
-	{ "coresize", &cfg_type_size, 0 },
-	{ "datasize", &cfg_type_size, 0 },
+	{ "coresize", &cfg_type_size, CFG_CLAUSEFLAG_DEPRECATED },
+	{ "datasize", &cfg_type_size, CFG_CLAUSEFLAG_DEPRECATED },
 	{ "deallocate-on-exit", NULL, CFG_CLAUSEFLAG_ANCIENT },
 	{ "directory", &cfg_type_qstring, CFG_CLAUSEFLAG_CALLBACK },
 #ifdef HAVE_DNSTAP
@@ -1236,7 +1236,7 @@ static cfg_clausedef_t options_clauses[] = {
 	{ "dscp", &cfg_type_uint32, 0 },
 	{ "dump-file", &cfg_type_qstring, 0 },
 	{ "fake-iquery", NULL, CFG_CLAUSEFLAG_ANCIENT },
-	{ "files", &cfg_type_size, 0 },
+	{ "files", &cfg_type_size, CFG_CLAUSEFLAG_DEPRECATED },
 	{ "flush-zones-on-shutdown", &cfg_type_boolean, 0 },
 #ifdef HAVE_DNSTAP
 	{ "fstrm-set-buffer-hint", &cfg_type_uint32, 0 },
@@ -1318,7 +1318,7 @@ static cfg_clausedef_t options_clauses[] = {
 	{ "session-keyfile", &cfg_type_qstringornone, 0 },
 	{ "session-keyname", &cfg_type_astring, 0 },
 	{ "sit-secret", NULL, CFG_CLAUSEFLAG_ANCIENT },
-	{ "stacksize", &cfg_type_size, 0 },
+	{ "stacksize", &cfg_type_size, CFG_CLAUSEFLAG_DEPRECATED },
 	{ "startup-notify-rate", &cfg_type_uint32, 0 },
 	{ "statistics-file", &cfg_type_qstring, 0 },
 	{ "statistics-interval", NULL, CFG_CLAUSEFLAG_ANCIENT },