Bug#189094: marked as done (File descriptor leackage)
Your message dated Tue, 18 Nov 2003 10:57:18 +0100 (CET)
with message-id <Pine.LNX.4.58.0311181038380.15710@trider-g7.ext.fabbione.net>
and subject line closing bug 189094
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 15 Apr 2003 10:07:06 +0000
>From niccolo@texnet.it Tue Apr 15 05:07:06 2003
Return-path: <niccolo@texnet.it>
Received: from dns.texnet.it [151.99.150.6]
by master.debian.org with esmtp (Exim 3.12 1 (Debian))
id 195NLF-0008BI-00; Tue, 15 Apr 2003 05:07:06 -0500
Received: from lan.texnet.it ([151.99.150.8] helo=10.0.1.2)
by dns.texnet.it with esmtp (Exim 3.35 #1 (Debian))
id 195NKl-0004ap-00
for <submit@bugs.debian.org>; Tue, 15 Apr 2003 12:06:35 +0200
From: Niccolo Rigacci <niccolo@texnet.it>
Organization: Tex.NET
To: submit@bugs.debian.org
Subject: File descriptor leackage
Date: Tue, 15 Apr 2003 12:06:34 +0200
User-Agent: KMail/1.5.1
MIME-Version: 1.0
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Message-Id: <200304151206.34297.niccolo@texnet.it>
Delivered-To: submit@bugs.debian.org
X-Spam-Status: No, hits=-4.1 required=4.0
tests=HAS_PACKAGE,NOSPAM_INC,SIGNATURE_SHORT_DENSE,
SPAM_PHRASE_00_01,USER_AGENT,USER_AGENT_KMAIL
version=2.44
X-Spam-Level:
Package: apache-ssl
Version: 1.3.26.1+1.48-0woody3
I have apache-ssl serving about 200 virtual domains on a Debian Woody. Each
domain is both SSLEnable and SSLDisable. I keep only one access.log and one
error.log file, defined in the main section of httpd.conf.
I suspect a file descriptor leak: just a few seconds after the start, apache
processes uses more than 6000 file descriptors (checked with lsof).
The output of lsof is interesting: each apache instance, opens and keeps
opened the /etc/apache-ssl directory, as you can see:
apache-ss 2702 root 5r DIR 9,0 4096 46576 /etc/apache-ssl
apache-ss 2702 root 6r DIR 9,0 4096 46576 /etc/apache-ssl
apache-ss 2702 root 7r DIR 9,0 4096 46576 /etc/apache-ssl
apache-ss 2702 root 8r DIR 9,0 4096 46576 /etc/apache-ssl
apache-ss 2702 root 9r DIR 9,0 4096 46576 /etc/apache-ssl
apache-ss 2702 root 10r DIR 9,0 4096 46576 /etc/apache-ssl
....
....
Those file descriptors alone are more than 5000!
I tried the same httpd.conf file with apache non ssl, disabling only SSL
related directives: no /etc/apache-ssl directory results in lsof, and just
about 400 file descriptors were used.
Obviously I get several warnings in error.log:
[warn] send body: filedescriptor (3609) larger than FD_SETSIZE (1024)
found, you probably need to rebuild Apache with a larger FD_SETSIZE
and sometimes apache dies with:
[crit] error:02001018:system library:fopen:Too many open file
Another synptom is that some cgi stops working (wwwcount).
--
Niccolo Rigacci
http://www.texnet.it/
---------------------------------------
Received: (at 189094-done) by bugs.debian.org; 18 Nov 2003 09:57:21 +0000
>From fabbione@fabbione.net Tue Nov 18 03:57:21 2003
Return-path: <fabbione@fabbione.net>
Received: from port5.ds1-sby.adsl.cybercity.dk (trider-g7.fabbione.net) [212.242.169.198]
by master.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1AM2bo-0007j9-00; Tue, 18 Nov 2003 03:57:20 -0600
Received: from trider-g7.ext.fabbione.net (port5.ds1-sby.adsl.cybercity.dk [212.242.169.198])
by trider-g7.fabbione.net (Postfix) with ESMTP id 5E86F16
for <189094-done@bugs.debian.org>; Tue, 18 Nov 2003 10:57:19 +0100 (CET)
Date: Tue, 18 Nov 2003 10:57:18 +0100 (CET)
From: Fabio Massimo Di Nitto <fabbione@fabbione.net>
Sender: fabbione@trider-g7.ext.fabbione.net
To: 189094-done@bugs.debian.org
Subject: closing bug 189094
Message-ID: <Pine.LNX.4.58.0311181038380.15710@trider-g7.ext.fabbione.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Delivered-To: 189094-done@bugs.debian.org
X-Spam-Status: No, hits=1.0 required=4.0
tests=BAYES_60
version=2.53-bugs.debian.org_2003_11_15
X-Spam-Level: *
X-Spam-Checker-Version: SpamAssassin 2.53-bugs.debian.org_2003_11_15 (1.174.2.15-2003-03-30-exp)
Hi all,
I have created a test environment to try to reproduce this problem
with more recent versions of apache-ssl (1.3.29) and i cannot see any
effect of this bug. I assume that it has been fixed upstream.
FYI here is my test setup:
200 vhosts both with SSLEnable and SSLDisable (= 400 vhosts)
all 400 vhosts listening on different ports. Each vhost has its own key
and its own documentroot.
An example of a vhost that is than replicated 200 times with proper
settings.
Listen 15000
<VirtualHost test0.pippo.biz:15000>
SSLEnable
SSLCertificateFile /etc/apache-ssl/certs/cert0.pem
DocumentRoot /var/www/vhosts/0/
</VirtualHost>
Listen 16000
<VirtualHost test0.pippo.biz:16000>
SSLDisable
DocumentRoot /var/www/vhosts/0/
</VirtualHost>
lsof | grep apache-ssl | wc -l
42
Thanks
Fabio
--
Our mission: make IPv6 the default IP protocol
"We are on a mission from God" - Elwood Blues
http://www.itojun.org/paper/itojun-nanog-200210-ipv6isp/mgp00004.html
Reply to: