[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ossec-list
Subject:    Re: [ossec-list] Feature Requests ?
From:       "--[ UxBoD ]--" <uxbod () splatnix ! net>
Date:       2009-12-31 14:43:08
Message-ID: 31768761.610.1262270588245.JavaMail.root () office ! splatnix ! net
[Download RAW message or body]

----- "dan (ddp)" <ddpbsd@gmail.com> wrote:

| On Tue, Dec 29, 2009 at 2:08 PM, --[ UxBoD ]-- <uxbod@splatnix.net>
| wrote:
| >
| > Appreciate your response; though as syscheck runs as root it is very
| hard to set via limits.conf as it would effect all root processes.  I
| thought about adding ossec as a supplementary group to root and using
| that to reset the priority via limits.conf but I believe it only looks
| at the primary group.  Do you believe this request would be feasible
| or should I look at alternative methods; though it would offer greater
| flexibility via the shared agent configuration of OSSEC.
| >
| > Thanks.
| >
| 
| I don't know how easy it would be to add it into the ossec code, but
| I
| imagine it wouldn't be too difficult to hack it into the
| ossec-control
| script.
| You could add a NICE=0 near the top (keep it at the current level by
| default).
| Then in the stop) section, renice the appropriate pids if NICE != 0.
| 
| Not quite as elegant as adding the functionality into ossec itself,
| but quick and easy.
Dan,

agreed that would be a quick and easy change; though how easy would it be to implement the following:

modifying runcheck.c and changing:

    #ifdef SCHED_BATCH
    struct sched_param pri;
    int status;
   
    pri.sched_priority = 0;
    status = sched_setscheduler(0, SCHED_BATCH, &pri);
   
    debug1("%s: Setting SCHED_BATCH returned: %d", ARGV0, status);
    #endif

to something like:

    #ifdef SCHED_BATCH
    struct sched_param pri;
    int status;
   
    pri.sched_priority = syscheck.nice;
    status = sched_setscheduler(0, SCHED_BATCH, &pri);
   
    debug1("%s: Setting SCHED_BATCH returned: %d", ARGV0, status);
    #endif

where syscheck.nice can be defined in config.c:

syscheck.nice = 0

and a new option:

<nice>10</nice>

with that the priority could be defined within shared/agent.conf and pushed out to the clients.

Thank you - Awesome product!

[prev in list] [next in list] [prev in thread] [next in thread]