On Sun, Dec 7, 2014 at 5:12 PM, Stuart Henderson <s...@spacehopper.org> wrote:
> On 2014/12/07 15:57, sven falempin wrote:
>> On Sat, Dec 6, 2014 at 9:20 AM, Stuart Henderson <s...@spacehopper.org>
>> wrote:
>> > On 2014-12-02, sven falempin <sven.falem...@gmail.com> wrote:
>> >> Hello,
>> >>
>> >> I am more or less forced to test Squid.
>> >> OpenBSD test.my.domain 5.6 GENERIC.MP#333 amd64
>> >>
>> >> I have two problems:
>> >>
>> >><<
>> >> WARNING! Your cache is running out of filedescriptors
>> >>>>
>> >>
>> >> And probably have to read more about ICAP
>> >><<
>> >> suspending ICAP service for too many failures
>> >>>>
>> >>
>> >>
>> >> My question is about the fds,
>> >> i tried to add
>> >>
>> >> squid:\
>> >> :openfiles-cur=4096:\
>> >> :tc=daemon:
>> >
>> > Follow the instructions in the pkg-readme exactly and let me know if you
>> > still have problems. If you want to make adjustments to limits etc then
>> > do that after trying the suggested configuration.
>> >
>> > In your case you most likely have an invalid config, the openfiles-max
>> > limit will probably be *lower* than your openfiles-cur. OpenBSD used to
>> > accept this and use the higher limit, but a couple of releases ago this
>> > was changed for posix compatibility. The example in the pkg-readme just
>> > sets openfiles, overriding both -cur and -max.
>> >
>> >> into login.conf and did not forget to 'push' it
>> >>
>> >> # cap_mkdb /etc/login.conf
>> >> # echo $?
>> >> 0
>> >
>> > You only have to run cap_mkdb if you already have a login.conf.db file.
>> > Most people do not use these and just use the plaintext file instead.
>> >
>>
>> And it checks the non space friendly syntax :-)
>>
>> whith openfile
>>
>> squid:\
>> :openfiles-cur=4096:\
>> :openfiles=4096:\
>> :tc=daemon:
>>
>> I do not have to do ulimit manually before but stop at 1025, I didn't
>> call setrlimit
>>
>>
>> root@unicornD # su -l -c squid -s /bin/sh root -c "perl /root/fds.pl"
>> perl /roo"perl /root/fds.pl" <
>>
>> uid=515(_squid) gid=0(wheel) groups=0(wheel), 2(kmem), 3(sys), 4(tty),
>> 5(operator), 20(staff), 31(guest)
>>
>> ksh: ulimit: Permission denied
>>
>> Error in tempfile() using template /tmp/XXXXXXXXXX: Could not create
>> temp file /tmp/4vncHRQHUt: No locks available at /root/fds.pl line 20.
>>
>> Count:1025
>>
>>
>> setrlimit change nothing :
>>
>>
>> # cat /root/fds.pl
>>
>> #!/usr/bin/perl
>>
>> use warnings;
>>
>> use strict;
>>
>> use v5.10;
>>
>> use POSIX;
>>
>> use BSD::Resource;
>>
>> use File::Temp qw/tempfile/;
>>
>> if (defined $ARGV[0] and $ARGV[0] =~ /^\d+$/) {
>>
>> setuid ($ARGV[0]);
>>
>> } else {
>>
>> setuid ( 515 );
>>
>> }
>>
>> system('id');
>>
>> my $rc = setrlimit(RLIMIT_OPEN_MAX,4096,4096);
>>
>> say 'ok' if ($rc);
>>
>> my @fds = ();
>>
>> while (0xBAD) {
>>
>> my($fh, $filename) = tempfile();
>>
>> last unless $fh;
>>
>> push @fds, { fd=>$fh,n=>$filename};
>>
>> }
>>
>>
>>
>> END{
>>
>> say 'Count:'.($#fds+1);
>>
>> foreach my $fd (@fds) {
>>
>> close $fd->{fd};
>>
>> unlink $fd->{n};
>>
>> }
>>
>> }
>>
>>
>>
>> >> It looks like it has no effect. Is this the way to go ? have I to change a
>> >> limit somewhere else ?
>> >>
>> >> Best regards,
>> >> Sven
>> >
>>
>>
>>
>> --
>> ---------------------------------------------------------------------------------------------------------------------
>> () ascii ribbon campaign - against html e-mail
>> /\
>
> I have no idea what you're trying to do here.
opening (tempfile) files to the failure point. then cleaning the mess
END{}, I got 1025 temp file opened then it fails.
Since I run squid after a ulimit or with the class, I didn't get the
fd warnings in log, but I didn't check how many files where open,
the test with fds.pl probably fails for another reason (No locks available).
Years using other opensource kernel learn me to trust nothing , the
result is the one expected when using
my($fh, $filename) = tempfile('/tmp/XXXXXXXXX',EXLOCK => 0);
to open files.
Clearly out of the squid subject.
I am on my sslBump issue now.
Thank you for the support :-)
>
> <sthen@wc2-pl7:~:669>$ tail -5 /etc/login.conf
> squid:\
> :datasize=infinity:\
> :openfiles-max=10000:\
> :openfiles-cur=6000:\
> :tc=default:
> <sthen@wc2-pl7:~:670>$ sudo -c squid sh -c "ulimit -a"
> time(cpu-seconds) unlimited
> file(blocks) unlimited
> coredump(blocks) unlimited
> data(kbytes) 33554432
> stack(kbytes) 4096
> lockedmem(kbytes) 2029690
> memory(kbytes) 6087328
> nofiles(descriptors) 6000
> processes 128
>
--
---------------------------------------------------------------------------------------------------------------------
() ascii ribbon campaign - against html e-mail
/\
