Changeset View
Changeset View
Standalone View
Standalone View
usr.bin/protect/protect.1
Show All 19 Lines | ||||||||||
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |||||||||
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | |||||||||
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |||||||||
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |||||||||
.\" SUCH DAMAGE. | .\" SUCH DAMAGE. | |||||||||
.\" | .\" | |||||||||
.\" $FreeBSD$ | .\" $FreeBSD$ | |||||||||
.\" | .\" | |||||||||
.Dd September 19, 2013 | .Dd May 18, 2021 | |||||||||
.Dt PROTECT 1 | .Dt PROTECT 1 | |||||||||
.Os | .Os | |||||||||
.Sh NAME | .Sh NAME | |||||||||
.Nm protect | .Nm protect | |||||||||
.Nd "protect processes from being killed when swap space is exhausted" | .Nd "protect processes from being killed when swap space is exhausted" | |||||||||
.Sh SYNOPSIS | .Sh SYNOPSIS | |||||||||
.Nm | .Nm | |||||||||
.Op Fl i | .Op Fl i | |||||||||
Show All 26 Lines | ||||||||||
as a protected process. | as a protected process. | |||||||||
.El | .El | |||||||||
.Pp | .Pp | |||||||||
Note that only one of the | Note that only one of the | |||||||||
.Fl p | .Fl p | |||||||||
or | or | |||||||||
.Fl g | .Fl g | |||||||||
flags may be specified when adjusting the state of existing processes. | flags may be specified when adjusting the state of existing processes. | |||||||||
.Pp | ||||||||||
Daemons can be protected on startup using | ||||||||||
.Ao Ar name Ac Ns Va _oomprotect | ||||||||||
option from | ||||||||||
.Xr rc.conf 5 . | ||||||||||
.Sh EXIT STATUS | .Sh EXIT STATUS | |||||||||
.Ex -std | .Ex -std | |||||||||
.Sh EXAMPLES | .Sh EXAMPLES | |||||||||
Mark the Xorg server as protected: | Mark the Xorg server as protected: | |||||||||
.Pp | .Pp | |||||||||
.Dl "pgrep Xorg | xargs protect -p" | .Dl "pgrep Xorg | xargs protect -p" | |||||||||
.Pp | .Pp | |||||||||
Protect all ssh sessions and their child processes: | Protect all ssh sessions and their child processes: | |||||||||
.Pp | .Pp | |||||||||
.Dl "pgrep sshd | xargs protect -dip" | .Dl "pgrep sshd | xargs protect -dip" | |||||||||
.Pp | .Pp | |||||||||
Remove protection from all current and future processes: | Remove protection from all current and future processes: | |||||||||
.Pp | .Pp | |||||||||
.Dl "protect -cdi -p 1" | .Dl "protect -cdi -p 1" | |||||||||
.Pp | ||||||||||
Using | ||||||||||
.Xr ps 1 | ||||||||||
to check if the protect flag has been applied to the process: | ||||||||||
debdrupAuthorUnsubmitted Not Done Inline Actions
debdrup: | ||||||||||
.Pp | ||||||||||
.Dl "ps -O flags,flags2 -p 64430" | ||||||||||
.Pp | ||||||||||
.Dl " PID F F2 TT STAT TIME COMMAND" | ||||||||||
.Dl "64430 10104002 00000001 5 S+ 0:00.00 ./main" | ||||||||||
.Dl " ^P ^PI" | ||||||||||
.Pp | ||||||||||
In the above example | ||||||||||
Not Done Inline Actions
debdrup: | ||||||||||
.Nm P | ||||||||||
points at the protected flag and | ||||||||||
.Nm PI | ||||||||||
points at the iheritance flag. | ||||||||||
The process is protected if | ||||||||||
.Nm P | ||||||||||
bit is set to 1. All children of this process will also be protected if | ||||||||||
.Nm PI | ||||||||||
bit is set to 1. | ||||||||||
.Sh SEE ALSO | .Sh SEE ALSO | |||||||||
.Xr procctl 2 | .Xr ps 1 , | |||||||||
.Xr procctl 2 , | ||||||||||
.Xr rc.conf 5 | ||||||||||
.Sh BUGS | .Sh BUGS | |||||||||
If you protect a runaway process that allocates all memory the system will | If you protect a runaway process that allocates all memory the system will | |||||||||
deadlock. | deadlock. |