From owner-freebsd-hackers@freebsd.org Wed Feb 3 10:53:53 2016 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A8877A991EE for ; Wed, 3 Feb 2016 10:53:53 +0000 (UTC) (envelope-from araujobsdport@gmail.com) Received: from mail-ob0-x22a.google.com (mail-ob0-x22a.google.com [IPv6:2607:f8b0:4003:c01::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 6BBC362C; Wed, 3 Feb 2016 10:53:53 +0000 (UTC) (envelope-from araujobsdport@gmail.com) Received: by mail-ob0-x22a.google.com with SMTP id xk3so24005092obc.2; Wed, 03 Feb 2016 02:53:53 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:reply-to:in-reply-to:references:date:message-id :subject:from:to:cc:content-type; bh=oB7mfoN6WNU1dePo1hp75SHGT0FxfM2Tzb1JTDLouuA=; b=Q1rext8blhVoyncZc4js6tOLjHNIUl1D3YEGydiglX3zLgxEdYNl0yg5JEEQKBjaJr CAp9pnA6WW0mONzvgBqa+tLbt1nR+HS+FBbtDyzuLFsH/eFUVFj7krjZ8iwkKUWz0E34 kfeWTBzpFv/N8QZAq3hjIE03+0zv1nWgg/Ymswhgu61tQSCc3kAC+sIamesAkkrvGDhe 0hJYBj7abB3nCz8vAJtidjnkOswxDs3er5IldA0t7bM/MZzicmFlkFf7QGPXkF2CrqSv rcTKr3tVfLaI/zA35Z/SxAEswhrpwUzDjExIrg+7aNxFLYxkSILDgqvWTR/3VXglr/Ft HPuQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:reply-to:in-reply-to:references :date:message-id:subject:from:to:cc:content-type; bh=oB7mfoN6WNU1dePo1hp75SHGT0FxfM2Tzb1JTDLouuA=; b=RuFN37ZessYLi1s4slnkdoOfiOV4uQSZSVLzaywAzbLwpc5hwQ1qrjiWWMcVJloqyg vU2V26v8JjgkgbGtKdAZSGoSASKgeXYVVW6Utw6CFBwtIfY6/wpOPMXYAqEvOhn++/7Q ponTI/Kx55QnKosRFaTBqZlEu0hkYQnXl2WWjNLmHlLHUmJHSK0reoPNnNT+FSHFj42e bnwM7LLWNpwuJzOvZiprvLF3dfocBUB26IWJzD3tS5ocbjGvfxL3KWFRxo939sfrLKLp YsoDc0xRRU5LdF4tEl2zLmdfI8cb1PsD09XeQ/RTw8C3GGexGgnf1AtQk3evMxVflh9O ax8g== X-Gm-Message-State: AG10YOSq4Tke+PvaXYHh0VJgFmm3iiOXVK+pTdVTrX3coZhq86lPEwJGy44Jn5bbcvtZtWROZhctp6vLfsHcfg== MIME-Version: 1.0 X-Received: by 10.60.246.74 with SMTP id xu10mr971551oec.31.1454496832615; Wed, 03 Feb 2016 02:53:52 -0800 (PST) Received: by 10.182.5.138 with HTTP; Wed, 3 Feb 2016 02:53:52 -0800 (PST) Received: by 10.182.5.138 with HTTP; Wed, 3 Feb 2016 02:53:52 -0800 (PST) Reply-To: araujo@FreeBSD.org In-Reply-To: <1453903686.42081.32.camel@freebsd.org> References: <56A86D91.3040709@freebsd.org> <1453903686.42081.32.camel@freebsd.org> Date: Wed, 3 Feb 2016 18:53:52 +0800 Message-ID: Subject: Re: syslogd(8) with OOM Killer protection From: Marcelo Araujo To: Ian Lepore Cc: freebsd-hackers@freebsd.org, Allan Jude Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.20 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Feb 2016 10:53:53 -0000 Hi, Thanks everybody for the feedback! So here is a potential patch that covers what we did talk here already: https://reviews.freebsd.org/D5176 Note that I'm still making more tests and this patch is not ready to be used in production. Basically we can add oom protection doing: syslogd_oomprotect="Yes" where it will protect only the main processes. Or syslogd_oomprotect="All" where it will protect all future children of the specified processes. Best. On Jan 27, 2016 10:08 PM, "Ian Lepore" wrote: > On Wed, 2016-01-27 at 02:11 -0500, Allan Jude wrote: > > On 2016-01-27 01:21, Marcelo Araujo wrote: > > > Hi guys, > > > > > > I would like to know your opinion about this REVIEW[1]. > > > The basic idea is protect by default the syslogd(8) against been > > > killed by > > > OOM with an option to disable the protection. > > > > > > Some people like the idea, other people would prefer something more > > > global > > > where we can protect any daemon by the discretion of our choice. > > > > > > Thoughts? > > > > > > > > > [1] https://reviews.freebsd.org/D4973 > > > > > > > > > Best, > > > > > > > I do like the idea of generalizing it, say via rc.subr > > > > So you can just do: > > > > someapp_protect=YES (and maybe syslogd has this enabled by default in > > /etc/defaults/rc.conf) and it prefixes the start command with protect > > -i. > > > > Maybe the setting could be named *_oomprotect to make it clear what > kind of protection is being configured? > > -- Ian > > _______________________________________________ > freebsd-hackers@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-hackers > To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org" >