FreeBSD Bugzilla – Attachment 163419 Details for
Bug 204741
[patch] [feature-request] syslogd(8) should be able to protect itself from OOM killer
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
syslogd-protect.diff
syslogd.diff (text/plain), 2.30 KB, created by
Eugene Grosbein
on 2015-11-22 13:49:54 UTC
(
hide
)
Description:
syslogd-protect.diff
Filename:
MIME Type:
Creator:
Eugene Grosbein
Created:
2015-11-22 13:49:54 UTC
Size:
2.30 KB
patch
obsolete
>--- syslogd.8.orig 2015-11-18 11:38:31.951292000 +0700 >+++ syslogd.8 2015-11-22 20:33:30.888402000 +0700 >@@ -36,7 +36,7 @@ > .Nd log systems messages > .Sh SYNOPSIS > .Nm >-.Op Fl 468ACcdkNnosTuv >+.Op Fl 468ACcdkNnoOsTuv > .Op Fl a Ar allowed_peer > .Op Fl b Ar bind_address > .Op Fl f Ar config_file >@@ -241,6 +241,10 @@ Prefix kernel messages with the full ker > .Xr getbootfile 3 . > Without this, the kernel message prefix is always > .Dq Li kernel: . >+.It Fl O >+Protect >+.Nm >+from being killed if the system exhausts available memory and swap. > .It Fl p > Specify the pathname of an alternate log socket to be used instead; > the default is >--- syslogd.c.orig 2015-11-18 11:38:31.949954000 +0700 >+++ syslogd.c 2015-11-22 20:35:48.920190000 +0700 >@@ -89,6 +89,7 @@ __FBSDID("$FreeBSD: stable/10/usr.sbin/s > #include <sys/resource.h> > #include <sys/syslimits.h> > #include <sys/types.h> >+#include <sys/procctl.h> > > #include <netinet/in.h> > #include <netdb.h> >@@ -280,6 +281,7 @@ static int Initialized; /* set when we h > static int MarkInterval = 20 * 60; /* interval between marks in seconds */ > static int MarkSeq; /* mark sequence number */ > static int NoBind; /* don't bind() as suggested by RFC 3164 */ >+static int ProtectMode = 0; /* when true, protect from OOM killer */ > static int SecureMode; /* when true, receive only unix domain socks */ > #ifdef INET6 > static int family = PF_UNSPEC; /* protocol family (IPv4, IPv6 or both) */ >@@ -372,7 +374,7 @@ main(int argc, char *argv[]) > dprintf("madvise() failed: %s\n", strerror(errno)); > > bindhostname = NULL; >- while ((ch = getopt(argc, argv, "468Aa:b:cCdf:kl:m:nNop:P:sS:Tuv")) >+ while ((ch = getopt(argc, argv, "468Aa:b:cCdf:kl:m:nNoOp:P:sS:Tuv")) > != -1) > switch (ch) { > case '4': >@@ -461,6 +463,13 @@ main(int argc, char *argv[]) > case 'o': > use_bootfile = 1; > break; >+ /* >+ * Protect itself from being killed >+ * when swap space is exhausted. >+ */ >+ case 'O': >+ ProtectMode++; >+ break; > case 'p': /* path */ > if (strlen(optarg) >= sizeof(sunx.sun_path)) > errx(1, "%s path too long, exiting", optarg); >@@ -591,6 +600,11 @@ main(int argc, char *argv[]) > /* tuck my process id away */ > pidfile_write(pfh); > >+ if (ProtectMode) { >+ int p_flags = PPROT_SET; >+ procctl(P_PID, getpid(), PROC_SPROTECT, &p_flags); >+ } >+ > dprintf("off & running....\n"); > > init(0);
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=163419">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 204741
: 163419