Hello,
today a client to connect via ftp to our server ( SLES 9 ) and I got this error:
slapd[26189]: warning: cannot open /etc/hosts.allow: Too many open files
according to lsof | grep REG | wc -l i have only 3267 regular files open and 4684 counting the IP connections too.
cat /proc/sys/fs/file-nr returns 3573 1185 131072
and file-max 131072 ( as above )
According to this numbers there sould not be a system wide problem.
Is there a limit of open files in slapd ?
I restarted slapd and now it seems to work.
Probably you need to know the version. Can anyone tell me how I get the running version ? There are no entries in /var/log/messages
Thanks Andreas
--On June 11, 2008 10:40:27 AM +0200 Andreas Moroder andreas.moroder@sb-brixen.it wrote:
Hello,
today a client to connect via ftp to our server ( SLES 9 ) and I got this error:
slapd[26189]: warning: cannot open /etc/hosts.allow: Too many open files
This is a long standing and well known problem with using tcpwrappers. I assume you are using a 32-bit OS? This can be resolved by moving to 64-bits and upping the limits available, IIRC.
--Quanah
--
Quanah Gibson-Mount Principal Software Engineer Zimbra, Inc -------------------- Zimbra :: the leader in open source messaging and collaboration
Quanah Gibson-Mount schrieb:
--On June 11, 2008 10:40:27 AM +0200 Andreas Moroder andreas.moroder@sb-brixen.it wrote:
Hello,
today a client to connect via ftp to our server ( SLES 9 ) and I got this error:
slapd[26189]: warning: cannot open /etc/hosts.allow: Too many open files
This is a long standing and well known problem with using tcpwrappers. I assume you are using a 32-bit OS? This can be resolved by moving to 64-bits and upping the limits available, IIRC.
--Quanah
Hello Quanah,
it is a 32 bit SLES 9 system. slapd itself runs as a service and not via inetd.
The process started just before this error was the ftp server that gets called very often. Would it be a good idea to start this as a service and would this modification solve the problem ?
Thanks Andreas
On Wednesday 11 June 2008 12:39:24 Andreas Moroder wrote:
Quanah Gibson-Mount schrieb:
--On June 11, 2008 10:40:27 AM +0200 Andreas Moroder
andreas.moroder@sb-brixen.it wrote:
Hello,
today a client to connect via ftp to our server ( SLES 9 ) and I got this error:
slapd[26189]: warning: cannot open /etc/hosts.allow: Too many open files
This is a long standing and well known problem with using tcpwrappers.
Is there any information available on this known problem? Historically, we've shipped OpenLDAP built with tcp_wrapper support, but I've been wanting to change that, some motivation would make it easier.
I assume you are using a 32-bit OS? This can be resolved by moving to 64-bits and upping the limits available, IIRC.
--Quanah
Hello Quanah,
it is a 32 bit SLES 9 system. slapd itself runs as a service and not via inetd.
inetd is only one service that uses tcp_wrappers. It seems your slapd is build with tcp_wrapper support.
You could consider building your slapd without tcp_wrapper support.
The process started just before this error was the ftp server that gets called very often. Would it be a good idea to start this as a service and would this modification solve the problem ?
This should have no effect.
Regards, Buchan
Buchan Milne bgmilne@staff.telkomsa.net writes:
Is there any information available on this known problem? Historically, we've shipped OpenLDAP built with tcp_wrapper support, but I've been wanting to change that, some motivation would make it easier.
TCP wrappers uses stdio. stdio has a limitation on the number of open files that it supports due to the layout of the FILE structure that's smaller than the limit the system supports. This is an ABI problem on several platforms (Linux isn't the only one that had this problem) which is generally fixed as part of the 64-bit architecture change.
On Mittwoch, 11. Juni 2008, Andreas Moroder wrote:
Hello,
today a client to connect via ftp to our server ( SLES 9 ) and I got this error:
slapd[26189]: warning: cannot open /etc/hosts.allow: Too many open files
according to lsof | grep REG | wc -l i have only 3267 regular files open and 4684 counting the IP connections too.
cat /proc/sys/fs/file-nr returns 3573 1185 131072
and file-max 131072 ( as above )
According to this numbers there sould not be a system wide problem.
Is there a limit of open files in slapd ?
I guess your are hitting the default per-process limit. Thats defaults to 1024 on SLES9 IIRC (see ulimit -n). But increasing that limit might not help you much as the OpenLDAP Version shipped with SLES9 is using select() to manage its connections and select() which can handle only 1024 filedescriptors by default. So you'll probably run into other issues. You best bet is probably to update to a more recent OpenLDAP Version. Which do not use select() anymore. Newer OpenLDAP releases for SLES9 are offered e.g. through the openSUSE Buildservice. http://download.opensuse.org/repositories/OpenLDAP/SLES_9/
Alternatively you could try to get the number of open connections down. Depending on your enviroment it might be enough to set an idletimeout in slapd.conf to let the server close unused open LDAP connections after a timeout.
I restarted slapd and now it seems to work.
Probably you need to know the version. Can anyone tell me how I get the running version ? There are no entries in /var/log/messages
openldap-technical@openldap.org
-
Andreas Moroder -
Buchan Milne -
Quanah Gibson-Mount -
Ralf Haferkamp -
Russ Allbery