On Thu, Aug 23, 2001 at 03:20:59PM +0900, Olaf Meeuwissen wrote: > Simon Boulet <[EMAIL PROTECTED]> writes: > > > Hi, > > > > I had some problems today with sshd. Here is what was reported in my log > > files: > > > > Aug 23 00:23:24 host01 kernel: VM: killing process sshd > > Aug 23 00:23:24 host01 kernel: swap_free: swap-space map bad (entry > > 0000f000) > > Aug 23 00:24:23 host01 kernel: VM: killing process sshd > > Aug 23 00:24:23 host01 kernel: swap_free: swap-space map bad (entry > > 0000f000) > > Aug 23 00:27:51 host01 kernel: VM: killing process sshd > > Aug 23 00:27:51 host01 kernel: swap_free: swap-space map bad (entry > > 0000f000) > > Aug 23 00:28:11 host01 kernel: VM: killing process sshd > > Aug 23 00:28:11 host01 kernel: swap_free: swap-space map bad (entry > > 0000f000) > > Looks more like a problem with swap space than with ssh to me. Just > happened to hit sshd.
Yes. 2.2 kernels (especially earlier ones) kill off whatever process they feel like when the system is out of virtual memory and needs more. To prevent runaway processes from causing the kernel to kill e.g. init, put ulimit -S -v 131072 (adjust this: it's virtual mem size in kB) in /etc/profile. It's a soft limit, so you don't need to be root to raise it if you need to run something huge.. A limit equal to or less than your total physical RAM is usually good, since one process using more than that would thrash like crazy anyway. (However, if you have 64MB or less of physical RAM, don't make the limit that low, or netscape might get an out-of-memory error even when it wasn't in runaway mode...) Also, I think there is a sysctl (/proc/sys/...) in 2.2 called overcommit_memory. Turn this off, and your system won't bite off more than it can chew. With it on, the system doesn't necessarily leave enough space for zeroed pages that are copy-on-write. It assumes that copy-on-write pages won't have to be copied. Unfortunately, there is no way to return an out-of-memory error to a process that is writing to memory. Thus, the kernel kills off some process. (No, this is not good. Yes, the kernel hackers know this. Yes, they have made it not so bad in later 2.2 kernels, and 2.4 has a whole new VM, which mostly does a better job, but is still in heavy development.) > > > I was just wondering if ssh 1.2.3 was not quite "old" enough to release the > > ssh 1:2.5.2p2-3 (testing) package? Anyone can help or has any ideas of what > > went wrong tonight? Should I upgrade to sshd 2.5.2? I would upgrade to kernel-image-2.2.19, if you don't have that already. That should help. Also, if you don't have enough swap set aside (i.e. the problem was not just one runaway process), then dd if=/dev/zero of=/path/to/swapfile bs=1024k count=megs $EDITOR /etc/fstab swapon -a > > Hopefully I have telnet > > still open and I was able to "/etc/init.d/ssh restart" and now it seems to > > work as normal. > > Having telnet around kind of defeats the purpose of ssh, not? You su > to root on your telnet connection and your root password flies over > the wire for all the snoop. Eek! Yeah, really. Time for a new root passwd, I'd say. -- #define X(x,y) x##y Peter Cordes ; e-mail: X([EMAIL PROTECTED] , ns.ca) "The gods confound the man who first found out how to distinguish the hours! Confound him, too, who in this place set up a sundial, to cut and hack my day so wretchedly into small pieces!" -- Plautus, 200 BCE
