On Wed, Feb 23, 2011 at 06:23:05PM +0100, Lennart Poettering wrote: > On Wed, 23.02.11 16:24, Zbigniew Jędrzejewski-Szmek ([email protected]) wrote: > > > Hi, > > I wanted to see what happens when using per-connection [email protected] > > from http://0pointer.de/public/systemd-units/[email protected]. > > > > After doing some ~1200 ssh connections, the socket went into > > disabled state: > > Feb 23 15:43:23 fedora systemd[1]: sshd.socket failed to queue socket > > startup job: File exists > > Feb 23 15:43:23 fedora systemd[1]: Unit sshd.socket entered failed state. > > > > After 'systemctl restart sshd.socket' connections work again. > > Is this expected? > > > > Another problem is resource usage: > > after 7000 connections the RSS of systemd is up at 90MB. It started around > > 20MB, > > so this gives 70 MB / 7000 connections = 10kB per connection, which is not > > bad, > > but basically opens up a way to bring the machine down if the number of > > connection > > is not limited in some other way. > > > > Should systemd implement dropping old inactive template-generated units? > > Or maybe does it do this already? > > We do that. The problem is that this service of yours failed and systemd > hence won't drop it. If a service fails we usually use that as > indication that this is something the admin should see and hence never > GC the service. I see. systemctl reset-failed && systemctl daemon-reload indeed clear the backlog :).
> > In this case there are two solutions: a) fix sshd to not return a > failure code if run as "sshd -i". > > Or b) replace "ExecStart=/usr/sbin/sshd -i" by > "ExecStart=-/usr/sbin/sshd -i" to ensure we ignore any failure from > sshd. b) works and the number of units is not increases. I guess that the service file should be modified in this way. a) might be a little bit harder :). Thanks, Zbyszek _______________________________________________ systemd-devel mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/systemd-devel
