[systemd-devel] protecting sshd against forkbombs, excessive memory usage by other processes
Tomasz Chmielewski
mangoo at wpkg.org
Wed Aug 12 03:57:39 UTC 2020

I've made a mistake and have executed a forkbomb-like task. Almost
immediately, the system became unresponsive, ssh sessions froze or were
very slow to output even single characters; some ssh sessions timed out
and were disconnected.

It was not possible to connect a new ssh session to interrupt the
runaway task - new connection attempts were simply timing out.

SSH is the only way to access the server. Eventually, after some 30
mins, the system "unfroze" - but - I wonder - can systemd help sysadmins
get out of such situations?

I realize it's a bit tricky, as there are two cases here:

1) misbehaving program is a child process of sshd (i.e. user logged in
and executed a forkbomb)

2) misbehaving program is not a child process of sshd (i.e. some system
service is using a lot of resources)

Given that - how can we tune systemd so that the system admin is almost
always able to log in via a new SSH connection, in both cases outlined
above? My usage case assumes user error rather than malicious system
resource usage.

Tomasz Chmielewski