From owner-freebsd-security Thu Sep 6 15: 7:40 2001 Delivered-To: freebsd-security@freebsd.org Received: from brea.mc.mpls.visi.com (brea.mc.mpls.visi.com [208.42.156.100]) by hub.freebsd.org (Postfix) with ESMTP id A336D37B401 for ; Thu, 6 Sep 2001 15:07:33 -0700 (PDT) Received: from sheol.localdomain (hawkeyd-fw.dsl.visi.com [208.42.101.193]) by brea.mc.mpls.visi.com (Postfix) with ESMTP id DDCAC2DDD3C; Thu, 6 Sep 2001 17:07:32 -0500 (CDT) Received: (from hawkeyd@localhost) by sheol.localdomain (8.11.1/8.11.1) id f86M7Vs19001; Thu, 6 Sep 2001 17:07:31 -0500 (CDT) (envelope-from hawkeyd) Date: Thu, 6 Sep 2001 17:07:31 -0500 From: D J Hawkey Jr To: steve@nomad.tor.lets.net, freebsd-security@freebsd.org Subject: Re: when mail full /tmp partition, system cracked Message-ID: <20010906170731.A18984@sheol.localdomain> Reply-To: hawkeyd@visi.com Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org In article <20010906152832.A44174_nomad.lets.net@ns.sol.net>, steve@nomad.tor.lets.net writes: > On Thu, Sep 06, 2001 at 10:45:47AM -0300, Fernando Schapachnik wrote: >> En un mensaje anterior, edwin chan escribi: >> > we found the messages in log: >> > >> > Sep 5 21:00:33 www /kernel: swap_pager: out of swap space >> > Sep 5 21:00:33 www /kernel: swap_pager_getswapspace: failed >> >> What might have happened is that a the great amount of email forked a >> great amount of processes which in turn ate all available memory and >> swap. Your machine ran out of swap. Either increase it (look at the >> FAQ & handbook for instructions) or add more memory. Or impose >> resource limits (can do it via login.conf and/or sendmail.cf >> -MaxDaemonChildren, RefuseLA, etc.-). > > What is supposed to happen is the largest process is supposed > to be killed if virtual memory is exhausted. There is a bug in > 4.3-RELEASE that prevents this from happening. The kernel hangs > before any processes get killed. Is "the largest process" selective, to some degree or another? That is, will it (can it?) discern a "more valuable" process from a "lesser one"? Can it be told to kill off the last process started, as opposed to the largest? I myself would find this preferable in many cases. > It has fixed in STABLE. No patch for the RELENG_4_3 tree in store, I take it? I browsed the CVS tree; is the fix contained entirely in vm_map.c? > -steve Dave -- Windows: "Where do you want to go today?" Linux: "Where do you want to go tomorrow?" FreeBSD: "Are you guys coming, or what?" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message