#!/bin/bash
#
#
# Limit a user via cgroups without using cgroups directly
# taken from: https://unix.stackexchange.com/questions/732408/configure-cgroups-v2-for-fair-resources-sharing-between-users 

if [[ ! $@ ]]; then 
  printf "Usage jail_user.sh -u $user||$useruid\n" 
  exit 1
else
  while getopts "u:" opt; do
    case $opt in
      u) user=$OPTARG;
         useruid=$(getent passwd $user |cut -f3 -d':');
         if [[ ${#useruid} -eq 0 ]]; then
           printf "${user} not found in system!\n" && exit 1
         fi ;;
      *) printf "Usage jail_user.sh -u $user||$useruid" && exit 1 ;;
    esac
  done
fi

DIR=/etc/systemd/system/user-${useruid}.slice.d
CONF=override.conf
if [[ ! -e ${DIR} && ${useruid} ]]; then
  mkdir /etc/systemd/system/user-${useruid}.slice.d
  printf "%s\n" '[Slice]' >> ${DIR}/${CONF}
  printf "%s\n" 'MemoryMax=1G' >> ${DIR}/${CONF}
  printf "%s\n" 'CPUWeight=1' >> ${DIR}/${CONF}
  printf "%s\n" 'CPUQuota=1%' >> ${DIR}/${CONF}
  printf "%s\n" 'TasksMax=10' >> ${DIR}/${CONF}
elif [[ -e ${DIR} ]]; then
  printf "%s\n" "user.slice override already configured for ${user}!"
else
  printf "Usage jail_user.sh -u $user||$useruid\n"
  exit 1
fi
printf "%s\n" "Now run systemctl daemon-reload for changes to take effect!"
printf "%s\n" "Don't forget to sync newly created ${DIR} to other login nodes....."
exit 0