From nobody Thu Nov  9 11:20:30 2023
X-Original-To: freebsd-arch@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4SQzyp22Kzz50NrN
	for <freebsd-arch@mlmmj.nyi.freebsd.org>; Thu,  9 Nov 2023 11:20:34 +0000 (UTC)
	(envelope-from philip@freebsd.org)
Received: from smtp.freebsd.org (smtp.freebsd.org [IPv6:2610:1c1:1:606c::24b:4])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "smtp.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4SQzyp1cwCz4PlZ;
	Thu,  9 Nov 2023 11:20:34 +0000 (UTC)
	(envelope-from philip@freebsd.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1699528834;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 in-reply-to:in-reply-to:references:references;
	bh=zVq6ypEF7A1ui9SmHdd/dO9I/ocEVS5Zek5QZYcaflM=;
	b=aTS4S+sNnhT3FTWVoxVYQ/Mr7PODxzL+ntxi/lLY/X/Jcl20Qm2b37xeWQojRnvIfMps9N
	K6UnwPXgXRVRDBM6WqSUYFMHq4Rp5OWNjia5uMq+uklcIkYfGf2130Oa3tsxW/tZ65Q4/k
	PrCbps4Ynlw8R8azUeJzkQa/aC7uyvne1q17WIqBfSRmiS9/JLR1r8SBaljjrDCr2/lJ0F
	YE3XbPZP3U0CTwY/Fgka5qZARCG2a8hrXASgAlUIOmvsYfCh5srBqRyizT9rJzU89p1P5m
	I4a57wtvzUh3m98TtZ9O0M0tny1E6MnVpQDo4le1RTfQxcIAu1ataYwVD1EZgw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1699528834;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 in-reply-to:in-reply-to:references:references;
	bh=zVq6ypEF7A1ui9SmHdd/dO9I/ocEVS5Zek5QZYcaflM=;
	b=SrRlnLck1PIf0cObSYBaiP5IGAcmPIAhc1/RuqfUuRLT6sMflmEwrrPxpY61v1ApjmWLLi
	iddtfNwxWJpPvMfLWgBy4+rI8VPR4VdNKJgXzBGlaCUzxD216t+xcy4QSqW6aw5lcuEs/n
	U4X2bQ2fSJOFgGlAPL4+3fnNp9FPhibUx/9/ienRyOedCAmT7Z8KarDQTPK0sGXQSO1ac5
	F3aoCkxqjQYKOrNtrl37sYXB9UyTXG6MO9pnMTjhPzy8p9cIuWE9Bks8Kh40FttQOp+a13
	Ed7kuxi4WrthCD1Rgujt9cWh6Bhdtapk8ftOcMYrbvtQkXEMD5TnitnSuThtrA==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1699528834; a=rsa-sha256; cv=none;
	b=dkdgCPzV580eYJiXWFdw1EpTra4N3CvS29hEJuCt99EWL2YiAfJ31/H7lVSAdjBO09ukDb
	aeDJRmvG77SnHUxkqF6470FVRiXHHrPUl9T1Ipl7wQJKh5yF/ZBWsWWWiSMDj7v0uBEsCl
	Rs6tGFhgGsWEh8M1UAE9Vvq5nQSFvii1oJUiNXKkyQGwwdnRoJ4+HjER99BdF8dQ08UmTu
	McZ4iDHaheghGNhtGiFjpG1hqMqEAlYUel1O3oRGxT5VAUnsiSVGXzASaolL4wm772RCsr
	jJo1CBwHj/crwpCLYYjM9pJA7kOrZ9OsVY6SDhT7rF9UAZMdWuAgi9M5/+RYwQ==
Received: from auth1-smtp.messagingengine.com (auth1-smtp.messagingengine.com [66.111.4.227])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	(Authenticated sender: philip/mail)
	by smtp.freebsd.org (Postfix) with ESMTPSA id 4SQzyp0W0Bz78c;
	Thu,  9 Nov 2023 11:20:34 +0000 (UTC)
	(envelope-from philip@freebsd.org)
Received: from compute2.internal (compute2.nyi.internal [10.202.2.46])
	by mailauth.nyi.internal (Postfix) with ESMTP id E673427C005A;
	Thu,  9 Nov 2023 06:20:33 -0500 (EST)
Received: from mailfrontend2 ([10.202.2.163])
  by compute2.internal (MEProxy); Thu, 09 Nov 2023 06:20:33 -0500
X-ME-Sender: <xms:gcBMZb4dJznmJA0KzCdaggCGz73ADXvYcsj3v1uZc5wDTqhoBQpDzg>
    <xme:gcBMZQ56fvHxCY7lwYuL2yeA3RSj0tenqY7CFlPQl_uUZjl-rBxFyAauTiQuIyLmS
    MKFnsY9F7Fs25ru9Mo>
X-ME-Received: <xmr:gcBMZSfkyhSFd-vLnfrjC2p9fCIDNxHip2MnPLTt0cecZJXcOp854zUVU8R4e6N5Csl-wtdFeb8Sb8bZHqp_07NbFwmRDIY7IA>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvkedruddvuddgvdehucetufdoteggodetrfdotf
    fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen
    uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne
    cujfgurhephffvvefufffokfgjfhggtgesthdtmhdtredttdenucfhrhhomheprfhhihhl
    ihhpucfrrggvphhsuceophhhihhlihhpsehfrhgvvggsshgurdhorhhgqeenucggtffrrg
    htthgvrhhnpefggfefieegtedtledtgfevtdfftdegvdehueeiteehteefieefveevtedv
    vdekgeenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpe
    hphhhilhhiphdomhgvshhmthhprghuthhhphgvrhhsohhnrghlihhthidqudduieeivdei
    vdegkedqvdefhedukedttdekqdhphhhilhhipheppehfrhgvvggsshgurdhorhhgsehtrh
    houhgslhgvrdhish
X-ME-Proxy: <xmx:gcBMZcKaNY57yzWHOEf2k0Nj77T_o7F4DUAXr7-K8Ytj__EJ35hKMg>
    <xmx:gcBMZfL0-NhusAVWT8MBIVkylu_1uVFk_85o32GXku988MoFdQx7Ig>
    <xmx:gcBMZVxTEDq-VI6NJ6DOVIynctqL7c3bLd_oRs8P0mB1WY1EeMCTtA>
    <xmx:gcBMZWXu_gkr6GK3oGaAAKzZFCZQ-maf0r7Njm_cvHj6Oz8hlUOQ6g>
Feedback-ID: ia691475d:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA; Thu,
 9 Nov 2023 06:20:32 -0500 (EST)
From: Philip Paeps <philip@freebsd.org>
To: Robert Clausecker <fuz@fuz.su>
Cc: Alexander Leidinger <Alexander@leidinger.net>, freebsd-arch@freebsd.org
Subject: Re: Any particular reason we don't have sshd oomprotected by default?
Date: Thu, 09 Nov 2023 19:20:30 +0800
X-Mailer: MailMate (1.14r5998)
Message-ID: <C31C649C-049E-487F-9ADB-C8B3A78C4020@freebsd.org>
In-Reply-To: <ZUyTnDAJ3HOppG8h@fuz.su>
References: <8b9484ba83e373ece0e322e14c924da6@Leidinger.net>
 <ZUyTnDAJ3HOppG8h@fuz.su>
List-Id: Discussion related to FreeBSD architecture <freebsd-arch.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-arch
List-Help: <mailto:freebsd-arch+help@freebsd.org>
List-Post: <mailto:freebsd-arch@freebsd.org>
List-Subscribe: <mailto:freebsd-arch+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-arch+unsubscribe@freebsd.org>
Sender: owner-freebsd-arch@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; format=flowed

On 2023-11-09 16:09:00 (+0800), Robert Clausecker wrote:
> I encountered the same issue a while ago, leaving my system in a
> vegetative state.  I would propose to add syslogd and cron to the
> list.  Syslogd because when it dies and you don't notice, you may go 
> for
> a long time without syslogs, cron because a dead cron means no
> housekeeping tasks happen, including some which the administrator may
> have intended to fix an issue causing an OOM condition (e.g.
> periodically restarting services with known memory leaks or cleaning
> tmpfs-based file systems).

In my experience, cron is more often the cause of an OOM condition than 
a help to making it stop. :-)

Philip

-- 
Philip Paeps
Senior Reality Engineer
Alternative Enterprises