Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   Gentoo User (http://www.linux-archive.org/gentoo-user/)
-   -   Persistent ulimit for daemons (http://www.linux-archive.org/gentoo-user/689555-persistent-ulimit-daemons.html)

Michael Orlitzky 08-01-2012 02:41 PM

Persistent ulimit for daemons
 
Is there a blessed method these days for setting the ulimit per-daemon?

The best I've been able to do is a global setting in /etc/rc.conf:

rc_ulimit="-s 1048576"

The entries under /etc/security seem to be ignored when using
`/etc/init.d/foo start`.

Canek Peláez Valdés 08-01-2012 03:27 PM

Persistent ulimit for daemons
 
On Wed, Aug 1, 2012 at 9:41 AM, Michael Orlitzky <michael@orlitzky.com> wrote:
> Is there a blessed method these days for setting the ulimit per-daemon?
>
> The best I've been able to do is a global setting in /etc/rc.conf:
>
> rc_ulimit="-s 1048576"
>
> The entries under /etc/security seem to be ignored when using
> `/etc/init.d/foo start`.

If you are willing to try, systemd allows you to set not only the
limits for opened files, but also for basically every knob the Linux
kernel has. And to set it per daemon (or unit, in systemd parlance),
of course; for what you want, you would only need to set:

LimitNOFILE=<limit>

in the [Service] section of your unit. If you are interested, all the
relevant documentation is in systemd.exec(5).

Regards.
--
Canek Peláez Valdés
Posgrado en Ciencia e Ingeniería de la Computación
Universidad Nacional Autónoma de México

Michael Orlitzky 08-01-2012 03:49 PM

Persistent ulimit for daemons
 
On 08/01/12 11:27, Canek Peláez Valdés wrote:
> On Wed, Aug 1, 2012 at 9:41 AM, Michael Orlitzky <michael@orlitzky.com> wrote:
>> Is there a blessed method these days for setting the ulimit per-daemon?
>>
>> The best I've been able to do is a global setting in /etc/rc.conf:
>>
>> rc_ulimit="-s 1048576"
>>
>> The entries under /etc/security seem to be ignored when using
>> `/etc/init.d/foo start`.
>
> If you are willing to try, systemd allows you to set not only the
> limits for opened files, but also for basically every knob the Linux
> kernel has. And to set it per daemon (or unit, in systemd parlance),
> of course; for what you want, you would only need to set:
>
> LimitNOFILE=<limit>
>
> in the [Service] section of your unit. If you are interested, all the
> relevant documentation is in systemd.exec(5).
>

This is our mail filtering gateway, so I probably won't be willing to
try systemd until the next time we replace the hardware =)

That does sound extremely useful though. I'm planning on converting my
desktops after it gets a little bit more traction.

Joost Roeleveld 08-02-2012 05:52 AM

Persistent ulimit for daemons
 
On Wednesday, August 01, 2012 10:41:41 AM Michael Orlitzky wrote:
> Is there a blessed method these days for setting the ulimit per-daemon?
>
> The best I've been able to do is a global setting in /etc/rc.conf:
>
> rc_ulimit="-s 1048576"
>
> The entries under /etc/security seem to be ignored when using
> `/etc/init.d/foo start`.

Michael,

I had to change the "nofiles" ulimit setting for my webserver. For that, I
simply added the settings to the following file:

# cat /etc/security/limits.conf | grep apache
apache hard nofile 4096
apache soft nofile 4096

I would expect the same to work for any other daemon?

HTH,

Joost

Michael Orlitzky 08-02-2012 03:38 PM

Persistent ulimit for daemons
 
On 08/02/12 01:52, Joost Roeleveld wrote:
> On Wednesday, August 01, 2012 10:41:41 AM Michael Orlitzky wrote:
>> Is there a blessed method these days for setting the ulimit per-daemon?
>>
>> The best I've been able to do is a global setting in /etc/rc.conf:
>>
>> rc_ulimit="-s 1048576"
>>
>> The entries under /etc/security seem to be ignored when using
>> `/etc/init.d/foo start`.
>
> Michael,
>
> I had to change the "nofiles" ulimit setting for my webserver. For that, I
> simply added the settings to the following file:
>
> # cat /etc/security/limits.conf | grep apache
> apache hard nofile 4096
> apache soft nofile 4096
>
> I would expect the same to work for any other daemon?
>

I thought so too, but it doesn't seem to be working (for any daemon, I
even tried with apache just now).

Can you `cat /proc/<pid>/limits` on one of those apache processes? I get
whatever was set for my bash shell rather than what I have in limits.conf.

Joost Roeleveld 08-03-2012 04:44 AM

Persistent ulimit for daemons
 
On Thursday, August 02, 2012 11:38:32 AM Michael Orlitzky wrote:
> On 08/02/12 01:52, Joost Roeleveld wrote:
> > On Wednesday, August 01, 2012 10:41:41 AM Michael Orlitzky wrote:
> >> Is there a blessed method these days for setting the ulimit per-daemon?
> >>
> >> The best I've been able to do is a global setting in /etc/rc.conf:
> >> rc_ulimit="-s 1048576"
> >>
> >> The entries under /etc/security seem to be ignored when using
> >> `/etc/init.d/foo start`.
> >
> > Michael,
> >
> > I had to change the "nofiles" ulimit setting for my webserver. For that, I
> > simply added the settings to the following file:
> >
> > # cat /etc/security/limits.conf | grep apache
> > apache hard nofile 4096
> > apache soft nofile 4096
> >
> > I would expect the same to work for any other daemon?
>
> I thought so too, but it doesn't seem to be working (for any daemon, I
> even tried with apache just now).
>
> Can you `cat /proc/<pid>/limits` on one of those apache processes? I get
> whatever was set for my bash shell rather than what I have in limits.conf.

I do get 4096.
Just had another good look at my notes, I also changed the init-file (Added
the ulimit-statement here):
***
start() {
checkconfig || return 1

[ -f /var/log/apache2/ssl_scache ] && rm /var/log/apache2/ssl_scache

ebegin "Starting ${SVCNAME}"
++++ ulimit -n 4096
${APACHE2} ${APACHE2_OPTS} -k start

i=0
while [ ! -e "${PIDFILE}" ] && [ $i -lt ${TIMEOUT} ]; do
sleep 1 && i=$(expr $i + 1)
done

test -e "${PIDFILE}"
eend $?
}

***

I don't think there is a consistent method of making this change more
permanent.

--
Joost

Graham Murray 08-03-2012 05:08 AM

Persistent ulimit for daemons
 
Michael Orlitzky <michael@orlitzky.com> writes:

> Is there a blessed method these days for setting the ulimit per-daemon?
>
> The best I've been able to do is a global setting in /etc/rc.conf:
>
> rc_ulimit="-s 1048576"
>
> The entries under /etc/security seem to be ignored when using
> `/etc/init.d/foo start`.

Add an rc_ulimits= line to /etc/conf.d/daemon_name

Michael Orlitzky 08-03-2012 04:23 PM

Persistent ulimit for daemons
 
On 08/03/2012 12:44 AM, Joost Roeleveld wrote:
>
> I do get 4096.
> Just had another good look at my notes, I also changed the init-file (Added
> the ulimit-statement here):
> ***
> ...
> ebegin "Starting ${SVCNAME}"
> ++++ ulimit -n 4096
> ${APACHE2} ${APACHE2_OPTS} -k start

Ah, this is what does it. I would rather not modify the init file in
case someone else updates clamav (the daemon in question) in the future.
Unless they know I've messed with it, they'll just overwrite the changes.

Michael Orlitzky 08-03-2012 04:29 PM

Persistent ulimit for daemons
 
On 08/03/2012 01:08 AM, Graham Murray wrote:
> Michael Orlitzky <michael@orlitzky.com> writes:
>
>> Is there a blessed method these days for setting the ulimit per-daemon?
>>
>> The best I've been able to do is a global setting in /etc/rc.conf:
>>
>> rc_ulimit="-s 1048576"
>>
>> The entries under /etc/security seem to be ignored when using
>> `/etc/init.d/foo start`.
>
> Add an rc_ulimits= line to /etc/conf.d/daemon_name
>

Wow, this works. Thanks!


All times are GMT. The time now is 12:22 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.