On Friday, 12 March 2010 16:10:01 Aaron Richton wrote:
On Wed, 10 Mar 2010, Klemens Kittan wrote:
Mar 1 14:45:15 ldap1 slapd[25320]: warning: /etc/hosts.allow, line 19: cannot open /etc/hosts.allow: Too many open files
cat /proc/sys/fs/file-max: 203609
cat /proc/<slapd pid>/limits: Max open files 4096 4096 files
Sounds like you're mostly on the right track, but I didn't hear mention of compiling with a suitable OPENLDAP_FD_SETSIZE. Are your CPPFLAGS set accordingly?
I ran into this at some stage, and built some binaries (for RHEL3 I think) with a higher OPENLDAP_FD_SETSIZE, however I am sure the discussion about this concluded that on modern linux distros, this is no longer necessary, due to the use of epoll. While it might still apply on other non-Linux-2.6 platforms (doesn't Solaris have it's own API for similar purposes?), this should not be a concern for anyone one a non-ancient Linux installation.
This bug report on Debian which relates to the same issue, seems to have come to the same conclusion:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=378261
On my laptop, running Mandriva 2010.0 x86_64 with the Mandriva OpenLDAP package I ran the perl script in that bug report after increasing the file size limit for OpenLDAP:
[root@tiger ~]# grep ^MAX /etc/sysconfig/ldap MAXFILES=4096
which resulted in the correct limit being applied to the slapd pid: [root@tiger ~]# grep files /proc/`pidof slapd`/limits Max open files 4096 4096 files
and the limit for the shell from which I ran the script:
[root@tiger ~]# ulimit -n 4096
[root@tiger ~]# perl /home/bgmilne/bin/ldapportcheck.pl [...] 4091 4092 Couldn't create socket 4093: Too many open files at /home/bgmilne/bin/ldapportcheck.pl line 11.
slapd had been happy to have more than 4000 files open:
Mar 19 11:05:13 tiger slapd[22716]: conn=6086 fd=4083 ACCEPT from IP=127.0.0.1:35432 (IP=0.0.0.0:389)
So, my conclusion is: 1)You're doing something wrong in your testing 2)For some reason Ubuntu is not biulding with epoll support 3)There is some obscure bug in OpenLDAP that results in file limit not being adhered to even when built with epoll support
Regards, Buchan