diff --git a/httpd.service b/httpd.service
index 6ff4e8b..c5b5e08 100644
--- a/httpd.service
+++ b/httpd.service
@@ -27,6 +27,7 @@ ExecReload=/usr/sbin/httpd $OPTIONS -k graceful
KillSignal=SIGWINCH
KillMode=mixed
PrivateTmp=true
+OOMPolicy=continue
[Install]
WantedBy=multi-user.target
diff --git a/httpd.service.xml b/httpd.service.xml
index 243ce1e..c6bf865 100644
--- a/httpd.service.xml
+++ b/httpd.service.xml
@@ -225,15 +225,34 @@ Wants=network-online.target
types. See
httpd_selinux8
for more information.
+
- The httpd service enables PrivateTmp
- by default. The /tmp and
- /var/tmp directories available within the
- httpd process (and CGI scripts, etc) are not shared by other
- processes. See
+
+ Process policies and restrictions
+
+ The httpd service uses the following options:
+
+
+ PrivateTmp is enabled by
+ default. The /tmp and
+ /var/tmp directories available within the
+ httpd process (and CGI scripts, etc) are not shared by other
+ processes.
+
+ OOMPolicy is set to
+ continue by default. Under the default
+ Out-of-Memory policy, the entire service will be terminated if
+ any process is killed by the kernel OOM killer. By setting
+ the policy to continue, httpd will
+ continue to run (and recover) if a single child is terminated
+ because of excess memory consumption.
+
+
+ See
systemd.exec5
+ and
+ systemd.service5
for more information.
-
diff --git a/httpd.spec b/httpd.spec
index 1186331..53d027c 100644
--- a/httpd.spec
+++ b/httpd.spec
@@ -13,7 +13,7 @@
Summary: Apache HTTP Server
Name: httpd
Version: 2.4.48
-Release: 8%{?dist}
+Release: 9%{?dist}
URL: https://httpd.apache.org/
Source0: https://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2
Source1: https://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2.asc
@@ -801,6 +801,9 @@ exit $rv
%{_rpmconfigdir}/macros.d/macros.httpd
%changelog
+* Wed Jul 7 2021 Joe Orton - 2.4.48-9
+- use OOMPolicy=continue in httpd.service, httpd@.service (#1947475)
+
* Thu Jul 01 2021 Luboš Uhliarik - 2.4.48-8
- Resolves: #1950021 - [RFE] Update httpd directive SSLProxyMachineCertificateFile
to be able to handle certs without matching private key
diff --git a/httpd@.service b/httpd@.service
index 7649dff..84424fb 100644
--- a/httpd@.service
+++ b/httpd@.service
@@ -20,6 +20,7 @@ ExecReload=/usr/sbin/httpd $OPTIONS -k graceful -f conf/%i.conf
KillSignal=SIGWINCH
KillMode=mixed
PrivateTmp=true
+OOMPolicy=continue
[Install]
WantedBy=multi-user.target