From 90f8cf5340c1b07d8dc62eecbc5efbd635215748 Mon Sep 17 00:00:00 2001
From: Colin Watson <cjwatson@debian.org>
Date: Sun, 30 Mar 2008 20:42:51 +0000
Subject: * Disable the Linux kernel's OOM-killer for the sshd parent; tweak  
 SSHD_OOM_ADJUST in /etc/default/ssh to change this (closes: #341767).

---
 debian/changelog              |  7 +++++++
 debian/openssh-server.default |  5 +++++
 debian/openssh-server.init    | 12 ++++++++++++
 3 files changed, 24 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index 7ae211514..d1174acf7 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+openssh (1:4.7p1-6) UNRELEASED; urgency=low
+
+  * Disable the Linux kernel's OOM-killer for the sshd parent; tweak
+    SSHD_OOM_ADJUST in /etc/default/ssh to change this (closes: #341767).
+
+ -- Colin Watson <cjwatson@debian.org>  Fri, 28 Mar 2008 18:54:06 +0000
+
 openssh (1:4.7p1-5) unstable; urgency=low
 
   * Recommends: xauth rather than Suggests: xbase-clients.
diff --git a/debian/openssh-server.default b/debian/openssh-server.default
index 304042224..c4569e6c1 100644
--- a/debian/openssh-server.default
+++ b/debian/openssh-server.default
@@ -3,3 +3,8 @@
 
 # Options to pass to sshd
 SSHD_OPTS=
+
+# OOM-killer adjustment for sshd (see
+# linux/Documentation/filesystems/proc.txt; lower values reduce likelihood
+# of being killed, -17 = disable)
+SSHD_OOM_ADJUST=-17
diff --git a/debian/openssh-server.init b/debian/openssh-server.init
index 67b204789..8c38eedf5 100644
--- a/debian/openssh-server.init
+++ b/debian/openssh-server.init
@@ -16,6 +16,7 @@ set -e
 test -x /usr/sbin/sshd || exit 0
 ( /usr/sbin/sshd -\? 2>&1 | grep -q OpenSSH ) 2>/dev/null || exit 0
 
+SSHD_OOM_ADJUST=-17
 if test -f /etc/default/ssh; then
     . /etc/default/ssh
 fi
@@ -70,6 +71,15 @@ check_config() {
     fi
 }
 
+adjust_oom() {
+    if [ -e /var/run/sshd.pid ]; then
+	PID="$(head -n1 /var/run/sshd.pid)"
+	if [ -e "/proc/$PID/oom_adj" ]; then
+	    printf '%s' "$SSHD_OOM_ADJUST" >"/proc/$PID/oom_adj"
+	fi
+    fi
+}
+
 export PATH="${PATH:+$PATH:}/usr/sbin:/sbin"
 
 case "$1" in
@@ -80,6 +90,7 @@ case "$1" in
 	log_daemon_msg "Starting OpenBSD Secure Shell server" "sshd"
 	if start-stop-daemon --start --quiet --oknodo --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd -- $SSHD_OPTS; then
 	    log_end_msg 0
+	    adjust_oom
 	else
 	    log_end_msg 1
 	fi
@@ -113,6 +124,7 @@ case "$1" in
 	check_dev_null log_end_msg
 	if start-stop-daemon --start --quiet --oknodo --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd -- $SSHD_OPTS; then
 	    log_end_msg 0
+	    adjust_oom
 	else
 	    log_end_msg 1
 	fi
-- 
cgit v1.2.3