AW: Still much more than 350 sockets needed!

Lamont R. Peterson lamont at gurulabs.com
Wed Apr 26 21:17:47 UTC 2006 

On Wednesday 26 April 2006 02:51pm, Olivier Galibert wrote:
> On Wed, Apr 26, 2006 at 02:34:55PM -0600, Lamont R. Peterson wrote:
> > Where do you put that?  There is no "limit" command and ulimit doesn't
> > accept "descriptors" as a parameter.
>
> limit descriptors is (t)csh, the (ba)sh equivalent is ulimit -n.  Use
> ulimit -a for the complete list.

Oh, duh!

OK.  Running "ulimit -n 2048" on the client box in my 3-box setup, yielded the 
result that 2045 network connections could be made, as root.  Trying to run 
that ulimit command as an unprivileged user results in an error message (as 
expected).

So, in order to solve Hendrik Wiese's problem, they can either launch their 
client program as root, increase the limit to whatever they feel is 
appropriate, and then drop root privileges, or use pam_limits.so by 
editing /etc/security/limits.conf and adding lines like:

*       soft    nofile  1024
*       hard    nofile  65535

Of course, set values that make sense for the soft limit, since unprivileged 
users can't change that.  On RHEL & FC, pam_limit.so is loaded 
in /etc/pam.d/system-auth, so no modifications will be needed.

> > I'd certainly like to know the answer, too.
>
> /etc/security/limits.conf is I think what you want.

I agree; that's the best way.

> > BTW:  With 1GB RAM minimum on all my notebooks and workstations (and on a
> > couple of my personal servers), it wouldn't bother me to increase that
> > default to 5120 or 10240 even.  Of course, that change could require a
> > much more in depth conversation.
>
> I'd agree.  I'd love to know the kernel memory cost for a fd though.

I don't have the kernel source (or headers) handy at the moment.  If I did, 
I'd find out by starting with the fs.h header and working from there.
-- 
Lamont R. Peterson <lamont at gurulabs.com>
Senior Instructor
Guru Labs, L.C. [ http://www.GuruLabs.com/ ]
GPG Key fingerprint: F98C E31A 5C4C 834A BCAB  8CB3 F980 6C97 DC0D D409
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-devel-list/attachments/20060426/000a8154/attachment.sig>

More information about the fedora-devel-list mailing list