* [Tue, Oct 16, 2012 at 03:30:18PM +0200] Gian Piero Carrubba:
A simple patch is attached. This way it should be possible to use both
--mlock and --user with an unprivileged user and more than few tinc
nodes without incurring in the problem reported in [0]_ (namely, "Error
while processing METAKEY from ...").
Sorry, the previous patch was wrong in that it does not set the limits
when restarting the daemon. Please find attached a corrected patch.
Ulimit is now always invoked when running the init script, even for
alarm or stop actions. Useless in those case, but it should not be
dangerous.
Thanks,
Gian Piero.
Tue Oct 16 18:47:59 CEST 2012 "Gian Piero Carrubba" <gpi...@rm-rf.it>
* Set process limits on start
diff -rN -u old-tinc-1.0.19/debian/tinc.default new-tinc-1.0.19/debian/tinc.default
--- old-tinc-1.0.19/debian/tinc.default 2012-10-16 18:50:31.215612570 +0200
+++ new-tinc-1.0.19/debian/tinc.default 2012-10-16 18:50:31.215612570 +0200
@@ -1,2 +1,7 @@
# Extra options to be passed to tincd.
# EXTRA="-d"
+
+# Limits to be configured for the tincd process. Please read your shell
+# (pointed by /bin/sh) documentation for ulimit. You probably want to raise the
+# max locked memory value if using both --mlock and --user flags.
+# LIMITS="-l 128"
diff -rN -u old-tinc-1.0.19/debian/tinc.init new-tinc-1.0.19/debian/tinc.init
--- old-tinc-1.0.19/debian/tinc.init 2012-10-16 18:50:31.215612570 +0200
+++ new-tinc-1.0.19/debian/tinc.init 2012-10-16 18:50:31.215612570 +0200
@@ -54,6 +54,18 @@
done
}
+setlimits() {
+ while [ $# -gt 0 ]; do
+ parm=$1 ; shift
+ if [ -n "$1" -a "${1#-}" = "$1" ]; then
+ value=$1 ; shift
+ ulimit $parm $value
+ else
+ ulimit $parm
+ fi
+ done
+}
+
start() {
$DAEMON $EXTRA -n "$@"
}
@@ -82,6 +94,8 @@
start "$@"
}
+test -n "$LIMITS" && setlimits $LIMITS
+
case "$1" in
start)
foreach_net "Starting $DESC:" start
