From nobody Thu Nov 09 08:17:03 2023 X-Original-To: freebsd-arch@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4SQvw3754Sz50dPX for ; Thu, 9 Nov 2023 08:17:55 +0000 (UTC) (envelope-from Alexander@Leidinger.net) Received: from mailgate.Leidinger.net (mailgate.leidinger.net [IPv6:2a00:1828:2000:313::1:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) client-signature ECDSA (P-256)) (Client CN "mailgate.leidinger.net", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4SQvw35PZpz3Nj9 for ; Thu, 9 Nov 2023 08:17:55 +0000 (UTC) (envelope-from Alexander@Leidinger.net) Authentication-Results: mx1.freebsd.org; none List-Id: Discussion related to FreeBSD architecture List-Archive: https://lists.freebsd.org/archives/freebsd-arch List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-arch@freebsd.org MIME-Version: 1.0 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=leidinger.net; s=outgoing-alex; t=1699517870; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=kHTec/is8KllECCA+HRzDWO/oWTvWEZ8s27NCH+Bmbw=; b=bp/q5BFIJJzMq3l9sR47WOnyNlERcWEqx32i9i6ZLi0AWs0VpDV82pSAkWT1RgT6yRkIjJ V3ZlYzUWRUehWfqm2twQN/XZmCSR7xXyYzmehs5POu98NUmLEzuCdxdJ+aJSqpHJocJD5K DYe2RyCwbvYOYb0zZ5LFU9BjVwB3pllFyJu7kiq+yLNwDLd7THkEcw97WJkOIwAGrNhONJ P0S4wKnjBz3INIUz4rw8MtAOvBD1C6WvpZQFGpNmm743c1khVWL0GOyh1+GZEBPldDEbHh I2K5+WakpLJQhPMYhjbE8aLN7p+fxmlSKsYAn7fkH4n09gGsAfo8njno3b02Gg== Date: Thu, 09 Nov 2023 09:17:03 +0100 From: Alexander Leidinger To: Robert Clausecker Cc: freebsd-arch@freebsd.org Subject: Re: Any particular reason we don't have sshd oomprotected by default? In-Reply-To: References: <8b9484ba83e373ece0e322e14c924da6@Leidinger.net> Message-ID: <79e9ef768da7ce9be14d3922b80c8104@Leidinger.net> X-Sender: Alexander@Leidinger.net Organization: No organization, this is a private message. Content-Type: multipart/signed; protocol="application/pgp-signature"; boundary="=_4ee35c77ecd409f9e475616bcd7da65c"; micalg=pgp-sha256 X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:34240, ipnet:2a00:1828::/32, country:DE] X-Rspamd-Queue-Id: 4SQvw35PZpz3Nj9 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --=_4ee35c77ecd409f9e475616bcd7da65c Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII; format=flowed Am 2023-11-09 09:09, schrieb Robert Clausecker: > Hi Alexander, > > I encountered the same issue a while ago, leaving my system in a > vegetative state. I would propose to add syslogd and cron to the syslogd is already protected (at least in 14 and -current). > list. Syslogd because when it dies and you don't notice, you may go > for > a long time without syslogs, cron because a dead cron means no > housekeeping tasks happen, including some which the administrator may > have intended to fix an issue causing an OOM condition (e.g. > periodically restarting services with known memory leaks or cleaning > tmpfs-based file systems). I thought about crond. I agree with your reasoning (I have some cronjobs which are supposed to fix/workaround some issues which for whatever reason can not be handled in a better way). On the other hand I disagree as it can also be the cause of such an oom situation (that's the reason why I didn't include it in my proposal). If the general consensus is to add sshd and cron, I offer to do the work to add it. Bye, Alexander. > Yours, > Robert Clausecker > > Am Thu, Nov 09, 2023 at 08:54:22AM +0100 schrieb Alexander Leidinger: >> Hi, >> >> We have syslogd oomprotected by default (/etc/defaults/rc.conf). Is >> there a >> particular reason we don't have sshd protected the same way? >> >> Any objections if I would commit such a change (sshd_oomprotect=YES in >> defaults/rc.conf)? >> >> I was also thinking about which other daemon we should protect by >> default, >> but apart from the need to make sure important logs are written to >> find >> issues which may have caused the oom trigger, and the need to be able >> to >> login to such a troubled system, I didn't see any other service as >> such >> critical (we could argue about ntpd, but I send to be on the "may be >> protected" (not for my use cases) and not to be on the "has to be >> protected" >> side) to include it in this proposal. >> >> Bye, >> Alexander. >> >> -- >> http://www.Leidinger.net Alexander@Leidinger.net: PGP >> 0x8F31830F9F2772BF >> http://www.FreeBSD.org netchild@FreeBSD.org : PGP >> 0x8F31830F9F2772BF -- http://www.Leidinger.net Alexander@Leidinger.net: PGP 0x8F31830F9F2772BF http://www.FreeBSD.org netchild@FreeBSD.org : PGP 0x8F31830F9F2772BF --=_4ee35c77ecd409f9e475616bcd7da65c Content-Type: application/pgp-signature; name=signature.asc Content-Disposition: attachment; filename=signature.asc; size=833 Content-Description: OpenPGP digital signature -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEER9UlYXp1PSd08nWXEg2wmwP42IYFAmVMlY0ACgkQEg2wmwP4 2IbuThAAhG4l47SbPjvzfJZIw0Om3G0DGeHF+Vv9FWkf8tw/fmRmT+F/xtpFPFuu 70stE4fuBGWjPii5BfUITsFLFS2I37rGaKQEOhype+/WqikfOp2h3UoaSTwH4bY7 O+te2tbXt6w0NFgSnI3PJkNPJ3ORSjYIr/Gsd1b1JVKmoax/3l3nfMC4EThnWX7t piaGkGC0IVKWma0j7defjlkt2DFVzTVwsyzE1W3ywN+Q5JpgRRei1/T5ckSy+Vpc vzNgQoggbPv/tL02c+5VxJxwwl6VbZZFNdgeqZbhdQ9IlFefeHbcUt2KJFXA3frb jCfLQxph2Fqv9Ghu+Ag1HcQxFUchZiX1eFReQK5/f3NsU0xuexElx35K31qDMgHy lMJZ6svJPOtIMP+QqxPYHwbrv22+qNvkxuSBz7yjFt2OVQwnqNSCRwjJfIxPivw5 bkX67Xf5y75e2SIzU3JnyZ5aJCsOoDmCewZIEXwwaZHkg5EWtVr2mz7o1chcBl3I cDwbHcNejWBIZ88LFLbvVwF2GyKGxywGS9t1AKayiLGmFfVVNQaxxp8hmWARmyWL lqCcTDIxyeuT1BK7oxJvczGfCR0IPoPxbcaTabr87DsRnxiw7Kp9De37jmAtu38D 38frD8vnSgH1cvjfiKRv2BtgbJaeRn8sqVMpJ+t/vqydU/sqmok= =YR79 -----END PGP SIGNATURE----- --=_4ee35c77ecd409f9e475616bcd7da65c--