From owner-freebsd-hackers@freebsd.org  Wed Jan 27 16:48:03 2016
Return-Path: <owner-freebsd-hackers@freebsd.org>
Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id C8CF7A708A8
 for <freebsd-hackers@mailman.ysv.freebsd.org>;
 Wed, 27 Jan 2016 16:48:03 +0000 (UTC)
 (envelope-from mailinglists@toco-domains.de)
Received: from toco-domains.de (mail.toco-domains.de
 [IPv6:2a01:4f8:150:50a5::6])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 9507E1606
 for <freebsd-hackers@freebsd.org>; Wed, 27 Jan 2016 16:48:03 +0000 (UTC)
 (envelope-from mailinglists@toco-domains.de)
Received: from [0.0.0.0] (mail.toco-domains.de [IPv6:2a01:4f8:150:50a5::6])
 by toco-domains.de (Postfix) with ESMTPA id 2B2791B220AB
 for <freebsd-hackers@freebsd.org>; Wed, 27 Jan 2016 17:48:01 +0100 (CET)
Subject: Re: syslogd(8) with OOM Killer protection
To: freebsd-hackers@freebsd.org
References: <CAOfEmZgzL2Ldu53CeSsKcUe00H1VAukhEopSUmpUK0=XAhsD1A@mail.gmail.com>
 <56A86D91.3040709@freebsd.org>
 <alpine.BSF.2.20.1601270932220.30320@wonkity.com>
From: Torsten Zuehlsdorff <mailinglists@toco-domains.de>
Message-ID: <56A8F4C0.9090200@toco-domains.de>
Date: Wed, 27 Jan 2016 17:48:00 +0100
User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:38.0) Gecko/20100101
 Thunderbird/38.5.0
MIME-Version: 1.0
In-Reply-To: <alpine.BSF.2.20.1601270932220.30320@wonkity.com>
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: 7bit
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
 <freebsd-hackers.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-hackers>, 
 <mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers/>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-hackers>, 
 <mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 27 Jan 2016 16:48:03 -0000

On 27.01.2016 17:36, Warren Block wrote:

>>> I would like to know your opinion about this REVIEW[1].
>>> The basic idea is protect by default the syslogd(8) against been
>>> killed by
>>> OOM with an option to disable the protection.
>>>
>>> Some people like the idea, other people would prefer something more
>>> global
>>> where we can protect any daemon by the discretion of our choice.
>>>
>>> Thoughts?
>>>
>>>
>>> [1] https://reviews.freebsd.org/D4973
>>>
>>>
>>> Best,
>>>
>>
>> I do like the idea of generalizing it, say via rc.subr
>>
>> So you can just do:
>>
>> someapp_protect=YES (and maybe syslogd has this enabled by default in
>> /etc/defaults/rc.conf) and it prefixes the start command with protect -i.
>
> Possibly simpler to provide a list in one setting than an individual
> setting for each daemon.  With ideas from other posters:
>
>    oomprotect_daemons="crond syslogd"

I like this approach!

Greetings,
Torsten