From nobody Fri Nov 10 10:55:50 2023 X-Original-To: freebsd-arch@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4SRbMr5JMyz50CMC for ; Fri, 10 Nov 2023 10:55:52 +0000 (UTC) (envelope-from debdrup@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [96.47.72.132]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4SRbMr4mngz3T6M for ; Fri, 10 Nov 2023 10:55:52 +0000 (UTC) (envelope-from debdrup@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1699613752; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=0uSwtp2iyYtEzWD9X6AEyzmw4lU62AnV/o3+A4RlRCU=; b=yjUPZdyu+ETq4niDZ4sAf/yFUqR/XrSrvFSXoDpt83uCyalVtBG9saX2hnZysvZ6SvW4zd yTxwZLjM+F/jlsnJtDVHLdX/dm/9hz6TxmANBubm/r/8tLjTXKNl4Oc/4JjzoDDL1pUKFb pJDej5slVySbO15oiJBFVSaNSpk28fx9/Dw22grfKPwJvVNcimpNrdIqmVwT/Sb/YoeNN5 /pNxJL86Idw2ND8DdSpCbHTRMIzmh+TXlayCXlMtyEBQhlp12+PilMRn9ntD4k3GJDixem OyfvZx4yol21jLV4dtxoOUiX/ruFJKNP4A1eNDCrL8K9xbEls4bZ8emVpVivJw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1699613752; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=0uSwtp2iyYtEzWD9X6AEyzmw4lU62AnV/o3+A4RlRCU=; b=r2zFmlFsre8ZSIZy7jqscfsUv0dVxt6dCCNlQoMuiKASZEeozPlS7G13kTdq7r2bVPpC0e oNCEdI1ylKOX7ECSvw92jqXis0nMcwLqFiR6nHEOW0j7ETxQUbTjBkalDGo5Z1+s5ifdh5 mDJqdEdsETZ/iVJIgD4LO8URVxXdxTVHIDo+zHFa164mYSROB8MS5jrdsXTaXJ4MA/isxN AOkcQGpgwaVGVCTgVhaVz5jNQKZb0jj786HhTX/uI7gOSy558tWLckRxzgfK0sErZUuzv7 wZv0+WfjcgioZ8DRF7bNyhZtxva4BuVyyy1mZPnNwuTm5e2wl3U7y2vSd8Cglg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1699613752; a=rsa-sha256; cv=none; b=CgGP1y1NGhNxdW/5C1cvt42AatGu76skDr0BJjVgfFvg1ed5JZSneBzbYScwroiorie4Y7 XzseH8IbvsFdocuBWoNM6La9mqI8G+DluwsKKgfz3mrzozx6Y0BxWBJ+LwHPi4zIfHVIzZ e43Sjr0iDPIv1Q5WMbThVgSwXpEYShxKDJoMsEImwt+nA1uzDWh5dg5leMofjEg9CzqW6H cSlWeFUVjFVxAFLwZjYoTen0e4ZUvRjlQHRZRT05qXwbZZde8C2QSdaI9wQkscjkGrTy6C P5scYAvrSCvVEqL0FtnnxACRuKqpxA0aWT81jz4ah2Bo423q3eyzON0eD3gucQ== Received: by freefall.freebsd.org (Postfix, from userid 1471) id 9667670E; Fri, 10 Nov 2023 10:55:52 +0000 (UTC) Date: Fri, 10 Nov 2023 11:55:50 +0100 From: Daniel Ebdrup Jensen To: freebsd-arch@freebsd.org Subject: Re: Any particular reason we don't have sshd oomprotected by default? Message-ID: References: <8b9484ba83e373ece0e322e14c924da6@Leidinger.net> <20231109195959.7B33B348@slippy.cwsent.com> <281A373B-E3E2-480E-AE00-C8C691463106@freebsd.org> List-Id: Discussion related to FreeBSD architecture List-Archive: https://lists.freebsd.org/archives/freebsd-arch List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-arch@freebsd.org MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="s3wjmut3inbtwaux" Content-Disposition: inline In-Reply-To: <281A373B-E3E2-480E-AE00-C8C691463106@freebsd.org> --s3wjmut3inbtwaux Content-Type: text/plain; charset=us-ascii; format=flowed Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Nov 10, 2023 at 10:31:53AM +0800, Philip Paeps wrote: >On 2023-11-10 03:59:59 (+0800), Cy Schubert wrote: >>Philip Paeps writes: >>>On 2023-11-09 16:09:00 (+0800), Robert Clausecker wrote: >>>>I encountered the same issue a while ago, leaving my system in a >>>>vegetative state. I would propose to add syslogd and cron to the >>>>list. Syslogd because when it dies and you don't notice, you may go >>>>for >>>>a long time without syslogs, cron because a dead cron means no >>>>housekeeping tasks happen, including some which the=20 >>>>administrator may >>>>have intended to fix an issue causing an OOM condition (e.g. >>>>periodically restarting services with known memory leaks or cleaning >>>>tmpfs-based file systems). >>> >>>In my experience, cron is more often the cause of an OOM condition=20 >>>than >>>a help to making it stop. :-) >> >>Would that be cron or something that cron has started? > >A common pathology is something that is started every few minutes in=20 >the expectation that it will take less than a few minutes to run. =20 >Instead, it runs away with all memory. I'd rather let cron die of=20 >starvation than have it make the situation worse. > >So yes: something that has started. cron itself is not eating all=20 >memory. > >Philip > >--=20 >Philip Paeps >Senior Reality Engineer >Alternative Enterprises > Hi folks, This is a relatively common scenario, yes - but interestingly enough, FreeBSDs version has not only the @ invocation with a bunch of different values, it can do arbitrary time-lengths as specified with seconds. The best part about the @ invocation, though, is that it attempts waits that many seconds after the previous run has exited successfully - so it's much harder to get into a situation as described above. My only reason for mentioning this, is that I think it's a pretty neat little feature that not enough people know about, given its usefulness. Yours, Daniel Ebdrup Jensen --s3wjmut3inbtwaux Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQGTBAABCgB9FiEEDonNJPbg/JLIMoS6Ps5hSHzN87oFAmVODDZfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDBF ODlDRDI0RjZFMEZDOTJDODMyODRCQTNFQ0U2MTQ4N0NDREYzQkEACgkQPs5hSHzN 87pC7AgApFf9xs8dtfI7W5L6Sckw9APWgtG60+YAHCMD4IX1IXalJrhu4HrdRHZW sU15uDzg5JowedMDhCz5peUl4UlRMNWGadRw6MKL03Rs7ijWNhb90OdOFmHF1/0j 9HVL6KSBWr8w6NptRrXQj793LEBMXuaE3FUTBiHhENcFBu7im80UP0S/iscw1gOY D9YZ+cpKXXuIxmEfZYfVa6RwRHKYePz0vzC3O3GP6PvfMnd+kwEqlzd73YVlP+C+ blDKQaY91Ut4BuHQCFlJNijz3kE5YR7V3pz50RYJcYeLpUVq3Z5snD6GdXdQRxIE u8Kn5et6I9K1EE++TyA8U8+zse3POw== =dsLU -----END PGP SIGNATURE----- --s3wjmut3inbtwaux--