On Sun, Dec 7, 2014 at 5:12 PM, Stuart Henderson <s...@spacehopper.org> wrote: > On 2014/12/07 15:57, sven falempin wrote: >> On Sat, Dec 6, 2014 at 9:20 AM, Stuart Henderson <s...@spacehopper.org> >> wrote: >> > On 2014-12-02, sven falempin <sven.falem...@gmail.com> wrote: >> >> Hello, >> >> >> >> I am more or less forced to test Squid. >> >> OpenBSD test.my.domain 5.6 GENERIC.MP#333 amd64 >> >> >> >> I have two problems: >> >> >> >><< >> >> WARNING! Your cache is running out of filedescriptors >> >>>> >> >> >> >> And probably have to read more about ICAP >> >><< >> >> suspending ICAP service for too many failures >> >>>> >> >> >> >> >> >> My question is about the fds, >> >> i tried to add >> >> >> >> squid:\ >> >> :openfiles-cur=4096:\ >> >> :tc=daemon: >> > >> > Follow the instructions in the pkg-readme exactly and let me know if you >> > still have problems. If you want to make adjustments to limits etc then >> > do that after trying the suggested configuration. >> > >> > In your case you most likely have an invalid config, the openfiles-max >> > limit will probably be *lower* than your openfiles-cur. OpenBSD used to >> > accept this and use the higher limit, but a couple of releases ago this >> > was changed for posix compatibility. The example in the pkg-readme just >> > sets openfiles, overriding both -cur and -max. >> > >> >> into login.conf and did not forget to 'push' it >> >> >> >> # cap_mkdb /etc/login.conf >> >> # echo $? >> >> 0 >> > >> > You only have to run cap_mkdb if you already have a login.conf.db file. >> > Most people do not use these and just use the plaintext file instead. >> > >> >> And it checks the non space friendly syntax :-) >> >> whith openfile >> >> squid:\ >> :openfiles-cur=4096:\ >> :openfiles=4096:\ >> :tc=daemon: >> >> I do not have to do ulimit manually before but stop at 1025, I didn't >> call setrlimit >> >> >> root@unicornD # su -l -c squid -s /bin/sh root -c "perl /root/fds.pl" >> perl /roo"perl /root/fds.pl" < >> >> uid=515(_squid) gid=0(wheel) groups=0(wheel), 2(kmem), 3(sys), 4(tty), >> 5(operator), 20(staff), 31(guest) >> >> ksh: ulimit: Permission denied >> >> Error in tempfile() using template /tmp/XXXXXXXXXX: Could not create >> temp file /tmp/4vncHRQHUt: No locks available at /root/fds.pl line 20. >> >> Count:1025 >> >> >> setrlimit change nothing : >> >> >> # cat /root/fds.pl >> >> #!/usr/bin/perl >> >> use warnings; >> >> use strict; >> >> use v5.10; >> >> use POSIX; >> >> use BSD::Resource; >> >> use File::Temp qw/tempfile/; >> >> if (defined $ARGV[0] and $ARGV[0] =~ /^\d+$/) { >> >> setuid ($ARGV[0]); >> >> } else { >> >> setuid ( 515 ); >> >> } >> >> system('id'); >> >> my $rc = setrlimit(RLIMIT_OPEN_MAX,4096,4096); >> >> say 'ok' if ($rc); >> >> my @fds = (); >> >> while (0xBAD) { >> >> my($fh, $filename) = tempfile(); >> >> last unless $fh; >> >> push @fds, { fd=>$fh,n=>$filename}; >> >> } >> >> >> >> END{ >> >> say 'Count:'.($#fds+1); >> >> foreach my $fd (@fds) { >> >> close $fd->{fd}; >> >> unlink $fd->{n}; >> >> } >> >> } >> >> >> >> >> It looks like it has no effect. Is this the way to go ? have I to change a >> >> limit somewhere else ? >> >> >> >> Best regards, >> >> Sven >> > >> >> >> >> -- >> --------------------------------------------------------------------------------------------------------------------- >> () ascii ribbon campaign - against html e-mail >> /\ > > I have no idea what you're trying to do here.
opening (tempfile) files to the failure point. then cleaning the mess END{}, I got 1025 temp file opened then it fails. Since I run squid after a ulimit or with the class, I didn't get the fd warnings in log, but I didn't check how many files where open, the test with fds.pl probably fails for another reason (No locks available). Years using other opensource kernel learn me to trust nothing , the result is the one expected when using my($fh, $filename) = tempfile('/tmp/XXXXXXXXX',EXLOCK => 0); to open files. Clearly out of the squid subject. I am on my sslBump issue now. Thank you for the support :-) > > <sthen@wc2-pl7:~:669>$ tail -5 /etc/login.conf > squid:\ > :datasize=infinity:\ > :openfiles-max=10000:\ > :openfiles-cur=6000:\ > :tc=default: > <sthen@wc2-pl7:~:670>$ sudo -c squid sh -c "ulimit -a" > time(cpu-seconds) unlimited > file(blocks) unlimited > coredump(blocks) unlimited > data(kbytes) 33554432 > stack(kbytes) 4096 > lockedmem(kbytes) 2029690 > memory(kbytes) 6087328 > nofiles(descriptors) 6000 > processes 128 > -- --------------------------------------------------------------------------------------------------------------------- () ascii ribbon campaign - against html e-mail /\