Date: Tue, 25 Mar 2003 09:48:33 +0100 From: "Poul-Henning Kamp" <phk@phk.freebsd.dk> To: Marcel Moolenaar <marcel@xcllnt.net> Cc: David Schultz <das@FreeBSD.ORG>, Garance A Drosihn <drosih@rpi.edu>, Dan Nelson <dnelson@allantgroup.com>, Wes Peters <wes@softweyr.com>, freebsd-arch@FreeBSD.ORG Subject: Re: Patch to protect process from pageout killing Message-ID: <14594.1048582113@critter.freebsd.dk> In-Reply-To: Your message of "Tue, 25 Mar 2003 00:42:47 PST." <20030325084247.GA17195@dhcp01.pn.xcllnt.net>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <20030325084247.GA17195@dhcp01.pn.xcllnt.net>, Marcel Moolenaar writ es: >> To tackle them from behind: >> >> Wes has a proposal for #3 which is a per-process flag which says >> "I'm sacred". I think that is a sound principle since that is >> usually exactly what people want: Do Not Kill This Process. >> >> Certain processes already enjoy special protection, pid==1 most >> notably, this would just be a way to make the same protection >> available to other processes. I'm not happy about using the >> resourcelimit code for booleans, and I don't think the flag >> should be inherited, but otherwise I'm for the idea. > >JFYI: On ia64 there are 12 bits in the ELF header reserved for OS >specific flags. A very natural way to flag a process as being sacred >is by flagging the ELF executable. You could use brandelf for that. Many years ago, we had a local hack so you could specify the nice(2) that a given program would be executed at (relative to the parent process) in the a.out file. This allowed us to keep games open during the day because we could argue that running at -20 they used only resources not otherwise claimed. Other operating systems have much more expressive facilities for putting attributes on a program. In some cases this is being held stronly against them. I think, but am not sure, that we can now introduce practically any policy we might like with MAC. (NB: deliberate rwatson-trigger) How the flags/attributes gets to be set on the wanted subset of processes is by no means uninteresting, but until something pays attention to the flag... -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?14594.1048582113>