On Wed, Feb 22, 2012 at 03:55:26PM -0800, Quanah Gibson-Mount wrote: > --On Wednesday, February 22, 2012 2:36 PM -0800 Chris Hiestand > <chiest...@salk.edu> wrote:
> >That's all fair enough, I've moved this to wishlist. I would find this
> >patch, or something like it, useful in order to make it easy for admins
> >of heavily-used servers to easily increase the ulimit and not have to
> >maintain a forked init file. Maintaining forks strains my technomage
> >capabilities ;-)
> I would note the only reason this is being hit at all is because
> slapd has been linked to tcpwrappers. I personally frown on such
> linking, as you can do much more sophisticated filtering at the ACL
> level in OpenLDAP, and all it does is create issues such as this
> one. If you aren't using hosts.{allow,deny} then rebuild w/o the
> tcpwrappers linking, and this problem will disappear entirely.
Chris indicated that this was the *first* limit he hit. You're still not
going to be able to open 1024 connections to a server with a ulimit of 1024,
whether you link to tcpwrappers or not. It's not as though tcpwrappers is
leaking fds here or using them gratuitously.
--
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
Ubuntu Developer http://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
signature.asc
Description: Digital signature
