On Wed, 23.02.11 16:24, Zbigniew Jędrzejewski-Szmek ([email protected]) wrote:
> Hi, > I wanted to see what happens when using per-connection [email protected] > from http://0pointer.de/public/systemd-units/[email protected]. > > After doing some ~1200 ssh connections, the socket went into > disabled state: > Feb 23 15:43:23 fedora systemd[1]: sshd.socket failed to queue socket startup > job: File exists > Feb 23 15:43:23 fedora systemd[1]: Unit sshd.socket entered failed state. > > After 'systemctl restart sshd.socket' connections work again. > Is this expected? > > Another problem is resource usage: > after 7000 connections the RSS of systemd is up at 90MB. It started around > 20MB, > so this gives 70 MB / 7000 connections = 10kB per connection, which is not > bad, > but basically opens up a way to bring the machine down if the number of > connection > is not limited in some other way. > > Should systemd implement dropping old inactive template-generated units? > Or maybe does it do this already? We do that. The problem is that this service of yours failed and systemd hence won't drop it. If a service fails we usually use that as indication that this is something the admin should see and hence never GC the service. In this case there are two solutions: a) fix sshd to not return a failure code if run as "sshd -i". Or b) replace "ExecStart=/usr/sbin/sshd -i" by "ExecStart=-/usr/sbin/sshd -i" to ensure we ignore any failure from sshd. Lennart -- Lennart Poettering - Red Hat, Inc. _______________________________________________ systemd-devel mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/systemd-devel
