Red Hat Bugzilla – Bug 3919
Possible memory leak in sysklogd-1.3.31-6
Last modified: 2008-05-01 11:37:51 EDT
The other day, we had a machine crash on us due to it running out of memory. The only 3 things that were running on the machine at the time were named, radiusd, and syslogd. Through testing we believe that there is a memory leak present in syslogd when it is run with the '-r' switch. On our machine, it seems to consume memory at a rate of about 10K per minute. The rate depends on the mount of remote traffic it recieves. While we didn't wait for the machine to crash again, we waited until syslog had consumed about 40 meg before stopping it. Also, on a different note, I couldn't find a 'component' entry on the bugzilla page for syslog. Thanks for your time.
FWIW, the component is sysklogd...
I have seen this bug too. Its with the -r switch on 6.0. Hopefully someone can get a new rpm out real soon, so we don't lose remote logging capibility. Takes a day to kill our syslog host.
I have seen this also. The sysklogd leak was bringing down a host system that was experiencing a lot of traffic. It didn't take long to crash the system (out of memory for syslogd, out of memory for pump, etc. . .) Glad to see I was not the only one experiencing this problem. Looking forward to the fix.
Upgrade to the latest glibc in Raw Hide, or remove the 'nisplus' from the hosts entry of /etc/nsswitch.conf. gethostbyname() leaked in its NIS attempts.