Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 163203 - net-misc/openssh - add parameter to disable oom-killer for sshd
Summary: net-misc/openssh - add parameter to disable oom-killer for sshd
Status: RESOLVED WONTFIX
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: [OLD] Server (show other bugs)
Hardware: All Linux
: High enhancement
Assignee: Gentoo's Team for Core System packages
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2007-01-22 09:08 UTC by Marcin Lewandowski
Modified: 2007-01-23 21:40 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Attachments
/etc/conf.d/sshd (url.txt,34 bytes, text/plain)
2007-01-22 09:09 UTC, Marcin Lewandowski
Details
/etc/init.d/sshd (url.txt,34 bytes, text/plain)
2007-01-22 09:09 UTC, Marcin Lewandowski
Details
/etc/conf.d/sshd (sshd-confd,263 bytes, text/plain)
2007-01-23 19:58 UTC, Marcin Lewandowski
Details
/etc/init.d/sshd (sshd-initd,1.68 KB, text/plain)
2007-01-23 19:58 UTC, Marcin Lewandowski
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Marcin Lewandowski 2007-01-22 09:08:20 UTC
Last DDoS on my server caused me to think about security. Flooding my server caused out-of-memory and mysqld was killed. I thought it's good to prevent killing processes in random way, especially sshd. When you have remote machine and kernel will decide to kill sshd you lost last way to do something.

Attached files contain config file for sshd initscript with parameter that allows user to enable or disable passing variable that disables oom-killer to /proc/SSHD_PID/oom_adj and modified initscript.

Reproducible: Sometimes
Comment 1 Marcin Lewandowski 2007-01-22 09:09:32 UTC
Created attachment 107765 [details]
/etc/conf.d/sshd
Comment 2 Marcin Lewandowski 2007-01-22 09:09:51 UTC
Created attachment 107766 [details]
/etc/init.d/sshd
Comment 3 Jakub Moc (RETIRED) gentoo-dev 2007-01-22 09:13:54 UTC
Please, stop attaching these bogus references to third-party pages. Reopen once you've attached the real thing.
Comment 4 Marcin Lewandowski 2007-01-23 19:58:04 UTC
Created attachment 107928 [details]
/etc/conf.d/sshd
Comment 5 Marcin Lewandowski 2007-01-23 19:58:31 UTC
Created attachment 107930 [details]
/etc/init.d/sshd
Comment 6 Marcin Lewandowski 2007-01-23 19:58:55 UTC
Sorry, my fault.
Comment 7 SpanKY gentoo-dev 2007-01-23 21:40:38 UTC
not terribly interested in including this ...