Urgent: warning: cannot open /etc/hosts.allow: Too many open files

From: Luiz Alfredo Baggiotto (luiz@pucrs.br)
Date: Wed Mar 09 2005 - 15:35:07 EST

• Next message: JESSE CARROLL: "Solaris 10 and 3Com 3CCFE574BE"
• Previous message: Stuart_Weaver@ElementK.com: "build time options to set the runtime library path -- resolution"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Dear admins

I4m having a terrible problem.
Recently, I was installed a openldap software in a Sun Solaris 9 box. Initial
tests are ok, but now, when I was migrated my users to this system, frequently
the ldap daemon stops to work. In the logs, I was saw this message:

warning: cannot open /etc/hosts.allow: Too many open files

Restarting the slapd daemon, the system works again, but with a increment of
the network demand, the error goes back and I need to restarts again and again
and again...
I searched about it in the net and I discovered something. Apparently, the
problem is that the file descriptors of the system is very low (256). I was
used the 'plimit' command to view the information of my slapd process:

# ps -ef | grep slapd
    ldap 10708 1 0 16:34:00 ? 0:13 /usr/local/libexec/slapd -u
ldap -g ldap -h ldaps:/// ldap:///
# plimit -k 10708
10708: /usr/local/libexec/slapd -u ldap -g ldap -h ldaps:/// ldap:///
   resource current maximum
  time(seconds) unlimited unlimited
  file(kbytes) unlimited unlimited
  data(kbytes) unlimited unlimited
  stack(kbytes) 8192 unlimited
  coredump(kbytes) unlimited unlimited
  nofiles(descriptors) 256 65536
  vmemory(kbytes) unlimited unlimited

Well, the recomendation is to include this lines in /etc/system and reboot the
machine:

* set hard limit on file descriptors
set rlim_fd_max = 4096
* set soft limit on file descriptors
set rlim_fd_cur = 1024

The problem is that to get a time to reboot the server. Then, I was discovered
(in the plimit man) the option -n, to set this daemon option "on the fly":

    -n soft,hard
           Set file descriptor limits (no default unit).

I tried this:

# plimit -n 16384,65536 10708
# plimit -k 10708
10708: /usr/local/libexec/slapd -u ldap -g ldap -h ldaps:/// ldap:///
   resource current maximum
  time(seconds) unlimited unlimited
  file(kbytes) unlimited unlimited
  data(kbytes) unlimited unlimited
  stack(kbytes) 8192 unlimited
  coredump(kbytes) unlimited unlimited
  nofiles(descriptors) 16384 65536
  vmemory(kbytes) unlimited unlimited

Well, I was thinking the problem is solved, but has occured again, in the same
circunstances!!!
Then, I ask: did anyone around had the same problem or something like it? Are
there some tip? Because if the 'plimit' works in the similar way of the
/etc/system directive, then seems the problem will be just the same... :-( In
this case, I will need to recompile OpenLDAP without tcpwrapper support and I
don4t want to make it.
Thanks A LOT in advance for any tip

Luiz
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers

• Next message: JESSE CARROLL: "Solaris 10 and 3Com 3CCFE574BE"
• Previous message: Stuart_Weaver@ElementK.com: "build time options to set the runtime library path -- resolution"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:30:19 EDT