Comlim

Ruby command runner with resource limits

2018-08-23

Comlim is a command builder for Ruby focusing on an easy interface to restricted execution—limiting memory, runtime, and command output.

Runner = Comlim.memory(32.megabytes)
               .cputime(30.seconds)
               .runtime(60.seconds)
               .output(4.kilobytes)

RubyRunner = Runner.command('ruby').arg('-e')
RubyRunner.arg('loop { }').execute # killed after 30 seconds

Notes

CPU and memory limits are enforced by the OS via spawn’s rlimit_cpu and rlimit_memory options. Output and runtime limits are enforced by the library, with output collected via non-blocking reads.

Unfortunately, there’s no time-limited waitpid2, other than an instant WNOHANG flag, so waiting for exiting programs polls at 100Hz. timeout is another possibility, but given how broken it is, polling seemed the lesser of two evils by far.