How to *enable* systemd-oomd on a service in system.slice? OOM-kill for non-user .service

So, Jammy 22.04 brought us new goodies, systemd-oomd. Long overdue, IMO... but asking this in 2024 I'm somewhat late to the party, too.

Everyone has asked already how to disable it — yet, I'm failing to make it work.

My use-case: a custom system service (daemon) under /etc/systemd/system which I wrote a unit-file for myself, to have a piece of software running whenever the OS runs, regardless if I'm logged-in or not.

In other words, in systemd-cgls tree my fail2ban.service runs under system.slice— not under user.slice.

This permanently-running piece of software is gradually leaking memory.

My previous approach, of setting memory limits on it via a drop-in like so:

# /etc/systemd/system/fail2ban.service.d/mem-limits.conf[Service]MemoryAccounting = trueMemoryHigh=155MMemoryMax=250MMemorySwapMax=100M

—no longer works.

I mean, it works, in a way... After upgrade to 22.04 it just effectively hangs the service process (which is a python interpreter, but IIUC that doesn't matter) — whereas in 20.04 is was triggering OOM kill& auto-restart.

I want this latter behavior back: OOM-kill & restart a service daemon when it exceeds memory limit.

I did apt-install systemd-oomd package, systemctl enable --now systemd-oomd.service as usual, and managed to configure it in /etc/systemd/oomd.conf. The command oomctl now shows:

Dry Run: noSwap Used Limit: 50.00%Default Memory Pressure Limit: 10.00%Default Memory Pressure Duration: 5sSystem Context:        Memory: Used: 3.2G Total: 15.2G        Swap: Used: 267.2M Total: 7.9GSwap Monitored CGroups:Memory Pressure Monitored CGroups:        Path: /user.slice/user-1000.slice/user@1000.service                Memory Pressure Limit: 50.00%                Pressure: Avg10: 0.00 Avg60: 0.00 Avg300: 0.00 Total: 0                Current Memory Usage: 2.1M                Memory Min: 0B                Memory Low: 0B                Pgscan: 584                Last Pgscan: 584

Beyond that — I've been reading up for hours, and still am completely lost in systemd "memory pressure" options, not seeing clearly what do I need to change for my goal and how.

Do I need to create a dedicated .slice separate from system.slice? How ?

Do I need a separate .scope ? The meaning of manpages escapes me; both a .scope and a .slice is a CGroup (v2), alright... but? What's the difference?

How to get my own entry onto the Memory Pressure Monitored CGroups list that oomctl shows?

Has anyone even managed to get something like this working in 22.04 at all?