From owner-freebsd-hackers@freebsd.org Thu Jan 28 13:05:05 2016 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 72A4DA70368 for ; Thu, 28 Jan 2016 13:05:05 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from hz.grosbein.net (hz.grosbein.net [78.47.246.247]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "hz.grosbein.net", Issuer "hz.grosbein.net" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 0B5E4178E; Thu, 28 Jan 2016 13:05:04 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from eg.sd.rdtc.ru (root@eg.sd.rdtc.ru [62.231.161.221]) by hz.grosbein.net (8.14.9/8.14.9) with ESMTP id u0SD4rxx048994 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Thu, 28 Jan 2016 14:04:54 +0100 (CET) (envelope-from eugen@grosbein.net) X-Envelope-From: eugen@grosbein.net X-Envelope-To: adrian.chadd@gmail.com Received: from eg.sd.rdtc.ru (eugen@localhost [127.0.0.1]) by eg.sd.rdtc.ru (8.15.2/8.15.2) with ESMTP id u0SD4gq3071548; Thu, 28 Jan 2016 20:04:43 +0700 (KRAT) (envelope-from eugen@grosbein.net) Subject: Re: syslogd(8) with OOM Killer protection To: Adrian Chadd , Marcelo Araujo References: Cc: "freebsd-hackers@freebsd.org" From: Eugene Grosbein Message-ID: <56AA11EA.1060903@grosbein.net> Date: Thu, 28 Jan 2016 20:04:42 +0700 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:38.0) Gecko/20100101 Thunderbird/38.4.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=0.3 required=5.0 tests=BAYES_00,LOCAL_FROM autolearn=no version=3.3.2 X-Spam-Report: * -2.3 BAYES_00 BODY: Bayes spam probability is 0 to 1% * [score: 0.0000] * 2.6 LOCAL_FROM From my domains X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on hz.grosbein.net X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 28 Jan 2016 13:05:05 -0000 On 27.01.2016 13:32, Adrian Chadd wrote: > I like it,how's it not done via some command line tool that we can run > any tool with? I've already responded to such idea in a comment to my original PR and like to repeat it here. IMHO, it is nearly impossible to correctly implement such protection for arbitrary daemonizing service by means of rc.subr, without modifications of service source code. Currently. We do have protect(1) utility but it only can protect single process it starts or all current/future children of started process and for daemons both cases are wrong: - protection of single process is meaningless because it forks to become daemon and that ceases protection; - protection of all future children is dangerous for daemons capable of running arbitrary subprocesses like syslogd can with "vertical bar" syntax of syslog.conf(5) as those future children may be "runaway" memory hogs. Perhaps, we could have kernel facility that keeps decreasing counter of forks and ceases protection of children when counter reaches zero level. Then teach protect(1) to (re-)set counter value and make rc.subr use it.