- Add a global option where we can protect processes when swap space

is exhausted. How to use: Basically we need to add on rc.conf an another option like: If we want to protect only the main processes. syslogd_oomprotect="YES" If we want to protect all future children of the specified processes. syslogd_oomprotect="ALL" PR: 204741 (based on) Submitted by: eugen@grosbein.net Reviewed by: jhb, allanjude, rpokala and bapt MFC after: 4 weeks Relnotes: Yes Sponsored by: gandi.net Differential Revision: https://reviews.freebsd.org/D5176
svn path=/head/; revision=295949
2024-07-23 19:28:36 +00:00 · 2016-02-24 01:32:12 +00:00 · 2016-02-24 01:32:12 +00:00 · 3bead71e95 · 2020-12-20 02:59:44 +00:00
parent e4c893dd01
commit 3bead71e95
3 changed files with 37 additions and 2 deletions
--- a/etc/defaults/rc.conf
+++ b/etc/defaults/rc.conf
@ -253,6 +253,7 @@ hostapd_enable="NO"		# Run hostap daemon.
 syslogd_enable="YES"		# Run syslog daemon (or NO).
 syslogd_program="/usr/sbin/syslogd" # path to syslogd, if you want a different one.
 syslogd_flags="-s"		# Flags to syslogd (if enabled).
+syslogd_oomprotect="YES"	# Don't kill syslogd when swap space is exhausted. 
 altlog_proglist=""		# List of chrooted applicatioins in /var
 inetd_enable="NO"		# Run the network daemon dispatcher (YES/NO).
 inetd_program="/usr/sbin/inetd"	# path to inetd, if you want a different one.
--- a/etc/rc.subr
+++ b/etc/rc.subr
@ -45,6 +45,7 @@ _rc_subr_loaded="YES"
 SYSCTL="/sbin/sysctl"
 SYSCTL_N="${SYSCTL} -n"
 SYSCTL_W="${SYSCTL}"
+PROTECT="/usr/bin/protect"
 ID="/usr/bin/id"
 IDCMD="if [ -x $ID ]; then $ID -un; fi"
 PS="/bin/ps -ww"
@ -755,6 +756,8 @@ check_startmsgs()
 #
 #	${name}_nice	n	Nice level to run ${command} at.
 #
+#	${name}_oomprotect n	Don't kill ${command} when swap space is exhausted.
+#
 #	${name}_user	n	User to run ${command} as, using su(1) if not
 #				using ${name}_chroot.
 #				Requires /usr to be mounted.
@ -944,7 +947,8 @@ run_rc_command()
 	    _nice=\$${name}_nice	_user=\$${name}_user \
 	    _group=\$${name}_group	_groups=\$${name}_groups \
 	    _fib=\$${name}_fib		_env=\$${name}_env \
-	    _prepend=\$${name}_prepend	_login_class=\${${name}_login_class:-daemon}
+	    _prepend=\$${name}_prepend	_login_class=\${${name}_login_class:-daemon} \
+	    _oomprotect=\$${name}_oomprotect

 	if [ -n "$_user" ]; then	# unset $_user if running as that user
 		if [ "$_user" = "$(eval $IDCMD)" ]; then
@ -1182,6 +1186,26 @@ $command $rc_flags $command_args"
 			;;

 		esac
+
+		# Apply protect(1) to the PID if ${name}_oomprotect is set.
+		case "$rc_arg" in
+		start)
+			if [ -n "$_oomprotect" ]; then
+				if [ -f "${PROTECT}" ]; then
+					pid=$(check_process $command)
+					case $_oomprotect in
+					[Aa][Ll][Ll])
+						${PROTECT} -i -p ${pid}
+						;;
+					[Yy][Ee][Ss])
+						${PROTECT} -p ${pid}
+						;;
+					esac
+				fi
+			fi	
+		;;
+		esac
+
 		return $_return
 	done

--- a/share/man/man8/rc.subr.8
+++ b/share/man/man8/rc.subr.8
@ -29,7 +29,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd October 12, 2014
+.Dd February 4, 2016
 .Dt RC.SUBR 8
 .Os
 .Sh NAME
@ -604,6 +604,16 @@ as.
 Only supported after
 .Pa /usr
 is mounted.
+.It Va ${name}_oomprotect
+.Xr protect 1
+.Va command
+from being killed when swap space is exhausted.
+If
+.Em YES
+is used, no child processes are protected.
+If
+.Em ALL ,
+protect all child processes.
 .It Va ${name}_program
 Full path to the command.
 Overrides