From: Luiz Alfredo Baggiotto (luiz@pucrs.br)
Date: Wed Mar 09 2005 - 15:35:07 EST
Dear admins
I4m having a terrible problem.
Recently, I was installed a openldap software in a Sun Solaris 9 box. Initial
tests are ok, but now, when I was migrated my users to this system, frequently
the ldap daemon stops to work. In the logs, I was saw this message:
warning: cannot open /etc/hosts.allow: Too many open files
Restarting the slapd daemon, the system works again, but with a increment of
the network demand, the error goes back and I need to restarts again and again
and again...
I searched about it in the net and I discovered something. Apparently, the
problem is that the file descriptors of the system is very low (256). I was
used the 'plimit' command to view the information of my slapd process:
# ps -ef | grep slapd
ldap 10708 1 0 16:34:00 ? 0:13 /usr/local/libexec/slapd -u
ldap -g ldap -h ldaps:/// ldap:///
# plimit -k 10708
10708: /usr/local/libexec/slapd -u ldap -g ldap -h ldaps:/// ldap:///
resource current maximum
time(seconds) unlimited unlimited
file(kbytes) unlimited unlimited
data(kbytes) unlimited unlimited
stack(kbytes) 8192 unlimited
coredump(kbytes) unlimited unlimited
nofiles(descriptors) 256 65536
vmemory(kbytes) unlimited unlimited
Well, the recomendation is to include this lines in /etc/system and reboot the
machine:
* set hard limit on file descriptors
set rlim_fd_max = 4096
* set soft limit on file descriptors
set rlim_fd_cur = 1024
The problem is that to get a time to reboot the server. Then, I was discovered
(in the plimit man) the option -n, to set this daemon option "on the fly":
-n soft,hard
Set file descriptor limits (no default unit).
I tried this:
# plimit -n 16384,65536 10708
# plimit -k 10708
10708: /usr/local/libexec/slapd -u ldap -g ldap -h ldaps:/// ldap:///
resource current maximum
time(seconds) unlimited unlimited
file(kbytes) unlimited unlimited
data(kbytes) unlimited unlimited
stack(kbytes) 8192 unlimited
coredump(kbytes) unlimited unlimited
nofiles(descriptors) 16384 65536
vmemory(kbytes) unlimited unlimited
Well, I was thinking the problem is solved, but has occured again, in the same
circunstances!!!
Then, I ask: did anyone around had the same problem or something like it? Are
there some tip? Because if the 'plimit' works in the similar way of the
/etc/system directive, then seems the problem will be just the same... :-( In
this case, I will need to recompile OpenLDAP without tcpwrapper support and I
don4t want to make it.
Thanks A LOT in advance for any tip
Luiz
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:30:19 EDT