From owner-freebsd-ports-bugs@FreeBSD.ORG Thu Feb 5 15:30:04 2009 Return-Path: Delivered-To: freebsd-ports-bugs@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 21A1A1065679 for ; Thu, 5 Feb 2009 15:30:04 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id F0E6D8FC27 for ; Thu, 5 Feb 2009 15:30:03 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id n15FU3YH010812 for ; Thu, 5 Feb 2009 15:30:03 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.3/8.14.3/Submit) id n15FU3xP010805; Thu, 5 Feb 2009 15:30:03 GMT (envelope-from gnats) Resent-Date: Thu, 5 Feb 2009 15:30:03 GMT Resent-Message-Id: <200902051530.n15FU3xP010805@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-ports-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Denis Barov Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A6402106566C for ; Thu, 5 Feb 2009 15:29:20 +0000 (UTC) (envelope-from nobody@FreeBSD.org) Received: from www.freebsd.org (www.freebsd.org [IPv6:2001:4f8:fff6::21]) by mx1.freebsd.org (Postfix) with ESMTP id 93F1A8FC1A for ; Thu, 5 Feb 2009 15:29:20 +0000 (UTC) (envelope-from nobody@FreeBSD.org) Received: from www.freebsd.org (localhost [127.0.0.1]) by www.freebsd.org (8.14.3/8.14.3) with ESMTP id n15FTJDR025892 for ; Thu, 5 Feb 2009 15:29:19 GMT (envelope-from nobody@www.freebsd.org) Received: (from nobody@localhost) by www.freebsd.org (8.14.3/8.14.3/Submit) id n15FTJLb025891; Thu, 5 Feb 2009 15:29:19 GMT (envelope-from nobody) Message-Id: <200902051529.n15FTJLb025891@www.freebsd.org> Date: Thu, 5 Feb 2009 15:29:19 GMT From: Denis Barov To: freebsd-gnats-submit@FreeBSD.org X-Send-Pr-Version: www-3.1 Cc: Subject: ports/131423: [NEW PORT] Protect process from killing when the swap space is exhausted X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Feb 2009 15:30:04 -0000 >Number: 131423 >Category: ports >Synopsis: [NEW PORT] Protect process from killing when the swap space is exhausted >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Thu Feb 05 15:30:03 UTC 2009 >Closed-Date: >Last-Modified: >Originator: Denis Barov >Release: FreeBSD 6.X 7.X 8.X >Organization: Yandex >Environment: FreeBSD zverushko.yandex.ru 7.1-RELEASE-p1 FreeBSD 7.1-RELEASE-p1 #0: Tue Jan 13 19:48:26 MSK 2009 root@ysbackup2:/.amd_mnt/ysbackup2/host/opt/usr/obj/opt/usr/RELENG_7_1/src/sys/W7_AMD64_ULE_LIN amd6 >Description: The scprotect utility is used for set or onset P_PROTECTED on running process Actually, scprotect uses syscall, implemented in module scprotect.ko. It's work like madvise(2) system call with MADV_PROTECT behaviour. Exeption is that madvise(2) can be used only by process itself, not from extertnal applications. It informs the VM system this process should not be killed when the swap space is exhausted. The process must have superuser privileges. This should be used for processes that must remain running for the system to properly function. >How-To-Repeat: >Fix: Patch attached with submission follows: # This is a shell archive. Save it in a file, remove anything before # this line, and then unpack it by entering "sh file". Note, it may # create directories; files and directories will be owned by you and # have default permissions. # # This archive contains: # # scprotect/pkg-message # scprotect/pkg-descr # scprotect/distinfo # scprotect/pkg-plist # scprotect/Makefile # echo x - scprotect/pkg-message sed 's/^X//' >scprotect/pkg-message << '3a59d76a232f2bd601ee37c1bb5fbef5' X X******************************************************************************* X* This port contains a prebuilt kernel module. Due to the ever changing * X* nature of FreeBSD it may be necessary to rebuild the module after a kernel * X* source update. To do this reinstall the port. * X******************************************************************************* X XAlso you may set for example X Xscprotect_enable="YES" Xscprotect_progs="sshd named" X Xto protect those application even they was restarted 3a59d76a232f2bd601ee37c1bb5fbef5 echo x - scprotect/pkg-descr sed 's/^X//' >scprotect/pkg-descr << 'bb549abe3d968316567cf3bce07483dc' Xscprotect is implementation of system call for setting or unsetting XP_PROTECTED flag. It's similar to madvise(2) behaviour MADV_PROTECT, Xbut may be used for already running processes. Also rc.d/scprotect Xscripts allow you to set protection flag even if process was Xrestarted by user. X XWWW: http://dindin.ru/scprotect/ bb549abe3d968316567cf3bce07483dc echo x - scprotect/distinfo sed 's/^X//' >scprotect/distinfo << 'e64d0fc48577c701d346b7edb7867b42' XMD5 (scprotect-20090205.tar.gz) = 378f0cddd1308d2e6a4a622b8d5b47dd XSHA256 (scprotect-20090205.tar.gz) = e190e1cb332b44c763c772cc2abd5eed993ccb24ebe96f7cf417de8c6e180c11 XSIZE (scprotect-20090205.tar.gz) = 4659 e64d0fc48577c701d346b7edb7867b42 echo x - scprotect/pkg-plist sed 's/^X//' >scprotect/pkg-plist << 'b0d70fb6c79faa772a9fd7e7ad554972' Xbin/scprotect Xetc/rc.d/scprotect X@cwd / X%%KMODDIR%%/scprotect.ko b0d70fb6c79faa772a9fd7e7ad554972 echo x - scprotect/Makefile sed 's/^X//' >scprotect/Makefile << 'dd7eff44bbafd2ea74f1ec53587acdcb' X# New ports collection Makefile for: scprotect X# Date created: 5 Feb 2009 X# Whom: Denis Barov X# X# $FreeBSD$ X# X XPORTNAME= scprotect XPORTVERSION= 20090205 XCATEGORIES= sysutils kld XMASTER_SITES= http://dindin.ru/download/ X XMAINTAINER= dindin@dindin.ru XCOMMENT= Protect process from killing when the swap space is exhausted X XNO_PACKAGE= Depends on kernel X XKMODDIR= /boot/modules X XPLIST_SUB= KMODDIR=${KMODDIR} XWRKSRC= ${WRKDIR}/${PORTNAME} X XMAKE_ENV+= KMODDIR=${KMODDIR} X XMAN8= scprotect.8 XMANCOMPRESSED= maybe X X.include X Xpre-fetch: X.if !exists(${SRC_BASE}/sys/Makefile) XIGNORE= requires kernel sources X.endif X Xpost-install: X @${CAT} ${PKGMESSAGE} X X.include dd7eff44bbafd2ea74f1ec53587acdcb exit >Release-Note: >Audit-Trail: >Unformatted: