On Tue, Feb 17, 2015 at 12:45:47AM +0000, Stuart Henderson wrote:
> In gmane.os.openbsd.misc, Otto wrote:
> > On Tue, Dec 30, 2014 at 11:09:44AM -0200, Raimundo Santos wrote:
> >
> >> Hello misc@!
> >>
> >> I have a router (peaking at 70Mbps of aggregated traffic) that acts as a
> >> recursive internal DNS server too (this configuration will die
> >> soon, as my traffic is growing), but Unbound keep saying, in
> >> /var/log/messages:
> >>
> >> Dec 30 09:57:07 myhost unbound: [3873:0] error: can't create socket: Too
> >> many open files
> >> Dec 30 09:57:08 myhost last message repeated 20284 times
> >> Dec 30 10:26:48 myhost unbound: [3873:0] error: can't create socket: Too
> >> many open files
> >> Dec 30 10:26:50 myhost last message repeated 24896 times
> >>
> >> Sometimes it says:
> >>
> >> Dec 27 21:49:19 myhost unbound: [2565:0] notice: sendto failed: No buffer
> >> space available
> >>
> >> I have:
> >>
> >> kern.maxfiles=16384
> >> kern.somaxconn=16384
> >>
> >> And in login.conf:
> >>
> >> daemon:\
> >> :ignorenologin:\
> >> :datasize=infinity:\
> >> :maxproc=infinity:\
> >> :openfiles-cur=4096:\
> >> :openfiles-max=8192:\
> >> :stacksize-cur=8M:\
> >> :localcipher=blowfish,9:\
> >> :tc=default:
> >>
> >> unbound:\
> >> :ignorenologin:\
> >> :datasize=infinity:\
> >> :maxproc=infinity:\
> >> :openfiles-cur=8192:\
> >> :openfiles-max=16384:\
> >> :stacksize-cur=32M:\
> >> :localcipher=blowfish,9:\
> >> :tc=default:
> >>
> >> With many resources just for Unbound, how can it keep complaining?
> >
> > There's an undocumented "feature" with unbound: it (only) sets its
> > resource limits based on the class of its user (_unbound by default).
> >
> > So set the class of the _unbound user to unbound and you're all set.
> >
> > -Otto
>
> This would probably be less surprising. Comments, anyone?
I would like this very much.
-Otto
>
> Index: master.passwd
> ===================================================================
> RCS file: /cvs/src/etc/master.passwd,v
> retrieving revision 1.78
> diff -u -p -r1.78 master.passwd
> --- master.passwd 15 Sep 2014 22:28:58 -0000 1.78
> +++ master.passwd 17 Feb 2015 00:42:50 -0000
> @@ -9,7 +9,7 @@ _rstatd:*:30:30::0:0:rpc.rstatd:/var/emp
> _rusersd:*:32:32::0:0:rpc.rusersd:/var/empty:/sbin/nologin
> _fingerd:*:33:33::0:0:fingerd:/var/empty:/sbin/nologin
> _x11:*:35:35::0:0:X Server:/var/empty:/sbin/nologin
> -_unbound:*:53:53::0:0:Unbound Daemon:/var/unbound:/sbin/nologin
> +_unbound:*:53:53:unbound:0:0:Unbound Daemon:/var/unbound:/sbin/nologin
> _spamd:*:62:62::0:0:Spam Daemon:/var/empty:/sbin/nologin
> uucp:*:66:1::0:0:UNIX-to-UNIX Copy:/var/spool/uucppublic:/sbin/nologin
> www:*:67:67::0:0:HTTP Server:/var/www:/sbin/nologin
