163203 – net-misc/openssh - add parameter to disable oom-killer for sshd

Bug 163203 - net-misc/openssh - add parameter to disable oom-killer for sshd

Summary: net-misc/openssh - add parameter to disable oom-killer for sshd

Status:	RESOLVED WONTFIX

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	[OLD] Server (show other bugs)
Hardware:	All Linux

Importance:	High enhancement
Assignee:	Gentoo's Team for Core System packages

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2007-01-22 09:08 UTC by Marcin Lewandowski
Modified:	2007-01-23 21:40 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
/etc/conf.d/sshd (url.txt,34 bytes, text/plain) 2007-01-22 09:09 UTC, Marcin Lewandowski	Details
/etc/init.d/sshd (url.txt,34 bytes, text/plain) 2007-01-22 09:09 UTC, Marcin Lewandowski	Details
/etc/conf.d/sshd (sshd-confd,263 bytes, text/plain) 2007-01-23 19:58 UTC, Marcin Lewandowski	Details
/etc/init.d/sshd (sshd-initd,1.68 KB, text/plain) 2007-01-23 19:58 UTC, Marcin Lewandowski	Details
Show Obsolete (2) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Marcin Lewandowski 2007-01-22 09:08:20 UTC

Last DDoS on my server caused me to think about security. Flooding my server caused out-of-memory and mysqld was killed. I thought it's good to prevent killing processes in random way, especially sshd. When you have remote machine and kernel will decide to kill sshd you lost last way to do something.

Attached files contain config file for sshd initscript with parameter that allows user to enable or disable passing variable that disables oom-killer to /proc/SSHD_PID/oom_adj and modified initscript.

Reproducible: Sometimes

Comment 1 Marcin Lewandowski 2007-01-22 09:09:32 UTC

Created attachment 107765 [details]
/etc/conf.d/sshd

Comment 2 Marcin Lewandowski 2007-01-22 09:09:51 UTC

Created attachment 107766 [details]
/etc/init.d/sshd

Comment 3 Jakub Moc (RETIRED) gentoo-dev

2007-01-22 09:13:54 UTC

Please, stop attaching these bogus references to third-party pages. Reopen once you've attached the real thing.

Comment 4 Marcin Lewandowski 2007-01-23 19:58:04 UTC

Created attachment 107928 [details]
/etc/conf.d/sshd

Comment 5 Marcin Lewandowski 2007-01-23 19:58:31 UTC

Created attachment 107930 [details]
/etc/init.d/sshd

Comment 6 Marcin Lewandowski 2007-01-23 19:58:55 UTC

Sorry, my fault.

Comment 7 SpanKY gentoo-dev

2007-01-23 21:40:38 UTC

not terribly interested in including this ...