Date: Thu, 5 Feb 2009 15:29:19 GMT From: Denis Barov <dindin@dindin.ru> To: freebsd-gnats-submit@FreeBSD.org Subject: ports/131423: [NEW PORT] Protect process from killing when the swap space is exhausted Message-ID: <200902051529.n15FTJLb025891@www.freebsd.org> Resent-Message-ID: <200902051530.n15FU3xP010805@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 131423 >Category: ports >Synopsis: [NEW PORT] Protect process from killing when the swap space is exhausted >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Thu Feb 05 15:30:03 UTC 2009 >Closed-Date: >Last-Modified: >Originator: Denis Barov >Release: FreeBSD 6.X 7.X 8.X >Organization: Yandex >Environment: FreeBSD zverushko.yandex.ru 7.1-RELEASE-p1 FreeBSD 7.1-RELEASE-p1 #0: Tue Jan 13 19:48:26 MSK 2009 root@ysbackup2:/.amd_mnt/ysbackup2/host/opt/usr/obj/opt/usr/RELENG_7_1/src/sys/W7_AMD64_ULE_LIN amd6 >Description: The scprotect utility is used for set or onset P_PROTECTED on running process Actually, scprotect uses syscall, implemented in module scprotect.ko. It's work like madvise(2) system call with MADV_PROTECT behaviour. Exeption is that madvise(2) can be used only by process itself, not from extertnal applications. It informs the VM system this process should not be killed when the swap space is exhausted. The process must have superuser privileges. This should be used for processes that must remain running for the system to properly function. >How-To-Repeat: >Fix: Patch attached with submission follows: # This is a shell archive. Save it in a file, remove anything before # this line, and then unpack it by entering "sh file". Note, it may # create directories; files and directories will be owned by you and # have default permissions. # # This archive contains: # # scprotect/pkg-message # scprotect/pkg-descr # scprotect/distinfo # scprotect/pkg-plist # scprotect/Makefile # echo x - scprotect/pkg-message sed 's/^X//' >scprotect/pkg-message << '3a59d76a232f2bd601ee37c1bb5fbef5' X X******************************************************************************* X* This port contains a prebuilt kernel module. Due to the ever changing * X* nature of FreeBSD it may be necessary to rebuild the module after a kernel * X* source update. To do this reinstall the port. * X******************************************************************************* X XAlso you may set for example X Xscprotect_enable="YES" Xscprotect_progs="sshd named" X Xto protect those application even they was restarted 3a59d76a232f2bd601ee37c1bb5fbef5 echo x - scprotect/pkg-descr sed 's/^X//' >scprotect/pkg-descr << 'bb549abe3d968316567cf3bce07483dc' Xscprotect is implementation of system call for setting or unsetting XP_PROTECTED flag. It's similar to madvise(2) behaviour MADV_PROTECT, Xbut may be used for already running processes. Also rc.d/scprotect Xscripts allow you to set protection flag even if process was Xrestarted by user. X XWWW: http://dindin.ru/scprotect/ bb549abe3d968316567cf3bce07483dc echo x - scprotect/distinfo sed 's/^X//' >scprotect/distinfo << 'e64d0fc48577c701d346b7edb7867b42' XMD5 (scprotect-20090205.tar.gz) = 378f0cddd1308d2e6a4a622b8d5b47dd XSHA256 (scprotect-20090205.tar.gz) = e190e1cb332b44c763c772cc2abd5eed993ccb24ebe96f7cf417de8c6e180c11 XSIZE (scprotect-20090205.tar.gz) = 4659 e64d0fc48577c701d346b7edb7867b42 echo x - scprotect/pkg-plist sed 's/^X//' >scprotect/pkg-plist << 'b0d70fb6c79faa772a9fd7e7ad554972' Xbin/scprotect Xetc/rc.d/scprotect X@cwd / X%%KMODDIR%%/scprotect.ko b0d70fb6c79faa772a9fd7e7ad554972 echo x - scprotect/Makefile sed 's/^X//' >scprotect/Makefile << 'dd7eff44bbafd2ea74f1ec53587acdcb' X# New ports collection Makefile for: scprotect X# Date created: 5 Feb 2009 X# Whom: Denis Barov <dindin@dindin.ru> X# X# $FreeBSD$ X# X XPORTNAME= scprotect XPORTVERSION= 20090205 XCATEGORIES= sysutils kld XMASTER_SITES= http://dindin.ru/download/ X XMAINTAINER= dindin@dindin.ru XCOMMENT= Protect process from killing when the swap space is exhausted X XNO_PACKAGE= Depends on kernel X XKMODDIR= /boot/modules X XPLIST_SUB= KMODDIR=${KMODDIR} XWRKSRC= ${WRKDIR}/${PORTNAME} X XMAKE_ENV+= KMODDIR=${KMODDIR} X XMAN8= scprotect.8 XMANCOMPRESSED= maybe X X.include <bsd.port.pre.mk> X Xpre-fetch: X.if !exists(${SRC_BASE}/sys/Makefile) XIGNORE= requires kernel sources X.endif X Xpost-install: X @${CAT} ${PKGMESSAGE} X X.include <bsd.port.post.mk> dd7eff44bbafd2ea74f1ec53587acdcb exit >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200902051529.n15FTJLb025891>