From: Willy Tarreau Date: Tue, 21 Jun 2016 09:51:59 +0000 (+0200) Subject: BUG/MINOR: init: ensure that FD limit is raised to the max allowed X-Git-Tag: v1.7-dev4~61 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=164dd0b6e4ad36dc90e9163eeb84d3fb4aa175e9;p=thirdparty%2Fhaproxy.git BUG/MINOR: init: ensure that FD limit is raised to the max allowed When the requested amount of FDs cannot be allocated, setrlimit() fails. That's bad because if the limit is set to 1024 and we need 10000, we stay on 1024 while we could possibly raise it to 4096 thanks to rlim_max. This patch takes care of trying to assign rlim_cur to rlim_max on failure so that we get as much as possible if we can't get all we need. The case is particularly visible when starting haproxy as a non-privileged user and a large maxconn is specified in the configuration. Another point of doing this is that it is the only way to allow us to close inherited FDs upon fork(), ie those between rlim_cur and rlim_max. This patch may be backported to 1.6 and 1.5. --- diff --git a/src/haproxy.c b/src/haproxy.c index 2612e29b9f..6665ba76e3 100644 --- a/src/haproxy.c +++ b/src/haproxy.c @@ -1771,6 +1771,10 @@ int main(int argc, char **argv) if (setrlimit(RLIMIT_NOFILE, &limit) == -1) { /* try to set it to the max possible at least */ getrlimit(RLIMIT_NOFILE, &limit); + limit.rlim_cur = limit.rlim_max; + if (setrlimit(RLIMIT_NOFILE, &limit) != -1) + getrlimit(RLIMIT_NOFILE, &limit); + Warning("[%s.main()] Cannot raise FD limit to %d, limit is %d.\n", argv[0], global.rlimit_nofile, (int)limit.rlim_cur); global.rlimit_nofile = limit.rlim_cur; }