Date: Fri, 10 Nov 2023 11:55:50 +0100 From: Daniel Ebdrup Jensen <debdrup@freebsd.org> To: freebsd-arch@freebsd.org Subject: Re: Any particular reason we don't have sshd oomprotected by default? Message-ID: <jsyaiqvlm6nezerej25ygclmpwenvcufy4u2fk7gvwhct4vd6y@nhgt5dimwqgz> In-Reply-To: <281A373B-E3E2-480E-AE00-C8C691463106@freebsd.org> References: <8b9484ba83e373ece0e322e14c924da6@Leidinger.net> <ZUyTnDAJ3HOppG8h@fuz.su> <C31C649C-049E-487F-9ADB-C8B3A78C4020@freebsd.org> <20231109195959.7B33B348@slippy.cwsent.com> <281A373B-E3E2-480E-AE00-C8C691463106@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--s3wjmut3inbtwaux
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Fri, Nov 10, 2023 at 10:31:53AM +0800, Philip Paeps wrote:
>On 2023-11-10 03:59:59 (+0800), Cy Schubert wrote:
>>Philip Paeps writes:
>>>On 2023-11-09 16:09:00 (+0800), Robert Clausecker wrote:
>>>>I encountered the same issue a while ago, leaving my system in a
>>>>vegetative state. I would propose to add syslogd and cron to the
>>>>list. Syslogd because when it dies and you don't notice, you may go
>>>>for
>>>>a long time without syslogs, cron because a dead cron means no
>>>>housekeeping tasks happen, including some which the=20
>>>>administrator may
>>>>have intended to fix an issue causing an OOM condition (e.g.
>>>>periodically restarting services with known memory leaks or cleaning
>>>>tmpfs-based file systems).
>>>
>>>In my experience, cron is more often the cause of an OOM condition=20
>>>than
>>>a help to making it stop. :-)
>>
>>Would that be cron or something that cron has started?
>
>A common pathology is something that is started every few minutes in=20
>the expectation that it will take less than a few minutes to run. =20
>Instead, it runs away with all memory. I'd rather let cron die of=20
>starvation than have it make the situation worse.
>
>So yes: something that has started. cron itself is not eating all=20
>memory.
>
>Philip
>
>--=20
>Philip Paeps
>Senior Reality Engineer
>Alternative Enterprises
>
Hi folks,
This is a relatively common scenario, yes - but interestingly
enough, FreeBSDs version has not only the @ invocation with a bunch
of different values, it can do arbitrary time-lengths as specified
with seconds.
The best part about the @ invocation, though, is that it attempts
waits that many seconds after the previous run has exited
successfully - so it's much harder to get into a situation as
described above.
My only reason for mentioning this, is that I think it's a pretty
neat little feature that not enough people know about, given its
usefulness.
Yours,
Daniel Ebdrup Jensen
--s3wjmut3inbtwaux
Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQGTBAABCgB9FiEEDonNJPbg/JLIMoS6Ps5hSHzN87oFAmVODDZfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDBF
ODlDRDI0RjZFMEZDOTJDODMyODRCQTNFQ0U2MTQ4N0NDREYzQkEACgkQPs5hSHzN
87pC7AgApFf9xs8dtfI7W5L6Sckw9APWgtG60+YAHCMD4IX1IXalJrhu4HrdRHZW
sU15uDzg5JowedMDhCz5peUl4UlRMNWGadRw6MKL03Rs7ijWNhb90OdOFmHF1/0j
9HVL6KSBWr8w6NptRrXQj793LEBMXuaE3FUTBiHhENcFBu7im80UP0S/iscw1gOY
D9YZ+cpKXXuIxmEfZYfVa6RwRHKYePz0vzC3O3GP6PvfMnd+kwEqlzd73YVlP+C+
blDKQaY91Ut4BuHQCFlJNijz3kE5YR7V3pz50RYJcYeLpUVq3Z5snD6GdXdQRxIE
u8Kn5et6I9K1EE++TyA8U8+zse3POw==
=dsLU
-----END PGP SIGNATURE-----
--s3wjmut3inbtwaux--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?jsyaiqvlm6nezerej25ygclmpwenvcufy4u2fk7gvwhct4vd6y>