Your message dated Mon, 08 Jul 2024 10:28:23 +0700
with message-id <[email protected]>
and subject line
has caused the Debian Bug report #884713,
regarding approx: systemd's approx.socket should be configured to not have any
trigger limit
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
884713: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884713
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: approx
Version: 5.7-3
Severity: normal
Tags: patch
User: [email protected]
Usertags: origin-kali
I have installed approx on a server where I run many tests with jenkins,
the tests make heavy use of the debian repositories (debootstrap, install
of large metapackages, etc) and since the system is working very quickly,
it does trigger the default burst limit that systemd configures on socket.
$ man systemd.socket
[...]
TriggerLimitIntervalSec=, TriggerLimitBurst=
Configures a limit on how often this socket unit my be
activated within a specific time interval. The
TriggerLimitIntervalSec= may be used to configure the length of
the time interval in the usual time units "us", "ms", "s",
"min", "h", ... and defaults to 2s (See systemd.time(7) for
details on the various time units understood). The
TriggerLimitBurst= setting takes a positive integer value and
specifies the number of permitted activations per time
interval, and defaults to 200 for Accept=yes sockets (thus by
default permitting 200 activations per 2s), and 20 otherwise
(20 activations per 2s). Set either to 0 to disable any form of
trigger rate limiting. If the limit is hit, the socket unit is
placed into a failure mode, and will not be connectible anymore
until restarted. Note that this limit is enforced before the
service activation is enqueued.
I worked around this with a custom configuration:
# cat /etc/systemd/system/approx.socket.d/kali.conf
[Socket]
# Disable any trigger limit
TriggerLimitIntervalSec=0
TriggerLimitBurst=0
But IMO the default configuration should work even when you make heavy use
of the package repositories... so I would like to see this in your default
approx.socket. Or at least you should raise the limit to something larger
like a few thousands requests.
--- etc/approx.socket.orig 2017-12-18 16:37:50.276492000 +0100
+++ etc/approx.socket 2017-12-18 16:39:01.132021756 +0100
@@ -5,6 +5,9 @@
[Socket]
ListenStream=9999
Accept=yes
+# apt makes many short requests in a small timeframe, disable the default
+# burst limit
+TriggerLimitBurst=0
[Install]
WantedBy=sockets.target
-- System Information:
Debian Release: buster/sid
APT prefers oldoldstable
APT policy: (500, 'oldoldstable'), (500, 'unstable'), (500, 'testing'), (500,
'stable'), (500, 'oldstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.13.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8),
LANGUAGE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages approx depends on:
ii adduser 3.116
ii bzip2 1.0.6-8.1
ii curl 7.57.0-1
ii debconf [debconf-2.0] 1.5.65
ii init-system-helpers 1.51
ii libc6 2.25-5
ii libgmp10 2:6.1.2+dfsg-1.1
ii libpcre3 2:8.39-8
ii openbsd-inetd [inet-superserver] 0.20160825-3
iu rsyslog [system-log-daemon] 8.31.0-2
ii update-inetd 4.44
ii xz-utils 5.2.2-1.3
ii zlib1g 1:1.2.8.dfsg-5
approx recommends no packages.
Versions of packages approx suggests:
ii libconfig-model-approx-perl 1.010-1
--- End Message ---
--- Begin Message ---
This bug was fixed in version 5.13-1.
--- End Message ---
