Browse Source

systemd-oomd: service files

master
Anita Zhang 2 years ago
parent
commit
87e2bafff9
  1. 3
      src/oom/meson.build
  2. 14
      src/oom/org.freedesktop.oom1.service
  3. 3
      sysusers.d/systemd.conf.m4
  4. 1
      units/meson.build
  5. 55
      units/systemd-oomd.service.in

3
src/oom/meson.build

@ -26,6 +26,9 @@ if conf.get('ENABLE_OOMD') == 1
install_data('org.freedesktop.oom1.conf',
install_dir : dbuspolicydir)
install_data('org.freedesktop.oom1.service',
install_dir : dbussystemservicedir)
install_data('oomd.conf',
install_dir : pkgsysconfdir)
endif

14
src/oom/org.freedesktop.oom1.service

@ -0,0 +1,14 @@
# SPDX-License-Identifier: LGPL-2.1+
#
# This file is part of systemd.
#
# systemd is free software; you can redistribute it and/or modify it
# under the terms of the GNU Lesser General Public License as published by
# the Free Software Foundation; either version 2.1 of the License, or
# (at your option) any later version.
[D-BUS Service]
Name=org.freedesktop.oom1
Exec=/bin/false
User=root
SystemdService=dbus-org.freedesktop.oom1.service

3
sysusers.d/systemd.conf.m4

@ -9,6 +9,9 @@ g systemd-journal - -
m4_ifdef(`ENABLE_NETWORKD',
u systemd-network - "systemd Network Management"
)m4_dnl
m4_ifdef(`ENABLE_OOMD',
u systemd-oom - "systemd Userspace OOM Killer"
)m4_dnl
m4_ifdef(`ENABLE_RESOLVE',
u systemd-resolve - "systemd Resolver"
)m4_dnl

1
units/meson.build

@ -201,6 +201,7 @@ in_units = [
['systemd-networkd.service', 'ENABLE_NETWORKD'],
['systemd-networkd-wait-online.service', 'ENABLE_NETWORKD'],
['systemd-nspawn@.service', ''],
['systemd-oomd.service', 'ENABLE_OOMD'],
['systemd-portabled.service', 'ENABLE_PORTABLED',
'dbus-org.freedesktop.portable1.service'],
['systemd-userdbd.service', 'ENABLE_USERDB'],

55
units/systemd-oomd.service.in

@ -0,0 +1,55 @@
# SPDX-License-Identifier: LGPL-2.1+
#
# This file is part of systemd.
#
# systemd is free software; you can redistribute it and/or modify it
# under the terms of the GNU Lesser General Public License as published by
# the Free Software Foundation; either version 2.1 of the License, or
# (at your option) any later version.
[Unit]
Description=Userspace Out-Of-Memory (OOM) Killer
Documentation=man:systemd-oomd.service(8)
ConditionCapability=CAP_KILL
DefaultDependencies=no
Before=multi-user.target shutdown.target
Conflicts=shutdown.target
[Service]
AmbientCapabilities=CAP_KILL CAP_DAC_OVERRIDE
BusName=org.freedesktop.oom1
CapabilityBoundingSet=CAP_KILL CAP_DAC_OVERRIDE
ExecStart=@rootlibexecdir@/systemd-oomd
IPAddressDeny=any
LockPersonality=yes
MemoryDenyWriteExecute=yes
# Reserve some minimum amount of memory so that systemd-oomd can continue to
# run in resource starved scenarios.
MemoryMin=64M
MemoryLow=64M
NoNewPrivileges=yes
OOMScoreAdjust=-900
PrivateDevices=yes
PrivateTmp=yes
ProtectClock=yes
ProtectHome=yes
ProtectHostname=yes
ProtectKernelLogs=yes
ProtectKernelModules=yes
ProtectKernelTunables=yes
ProtectSystem=strict
Restart=on-failure
RestrictAddressFamilies=AF_UNIX
RestrictNamespaces=yes
RestrictRealtime=yes
RestrictSUIDSGID=yes
SystemCallArchitectures=native
SystemCallErrorNumber=EPERM
SystemCallFilter=@system-service
Type=notify
User=systemd-oom
@SERVICE_WATCHDOG@
[Install]
WantedBy=multi-user.target
Alias=dbus-org.freedesktop.oom1.service
Loading…
Cancel
Save