[BUG] startup: set the rlimits before binding ports, not after.

As reported by the Loadbalancer.org team, it was not possible to bind
more than 1024 ports. This is because the process' limits were set after
trying to bind the sockets, which defeats their purpose.

This fix must be backported to 1.4 and 1.3.

diff --git a/src/haproxy.c b/src/haproxy.c
index 78e10290a0e23b88a4f07cf85f53bb9cb4b9f852..d1f71950c6b326119ec54f8dc5f0c0932bbea44d 100644 (file)
--- a/src/haproxy.c
+++ b/src/haproxy.c
@@ -969,6 +969,33 @@ int main(int argc, char **argv)
         */
        signal_register_fct(SIGPIPE, NULL, 0);
 
+       /* ulimits */
+       if (!global.rlimit_nofile)
+               global.rlimit_nofile = global.maxsock;
+
+       if (global.rlimit_nofile) {
+               limit.rlim_cur = limit.rlim_max = global.rlimit_nofile;
+               if (setrlimit(RLIMIT_NOFILE, &limit) == -1) {
+                       Warning("[%s.main()] Cannot raise FD limit to %d.\n", argv[0], global.rlimit_nofile);
+               }
+       }
+
+       if (global.rlimit_memmax) {
+               limit.rlim_cur = limit.rlim_max =
+                       global.rlimit_memmax * 1048576 / global.nbproc;
+#ifdef RLIMIT_AS
+               if (setrlimit(RLIMIT_AS, &limit) == -1) {
+                       Warning("[%s.main()] Cannot fix MEM limit to %d megs.\n",
+                               argv[0], global.rlimit_memmax);
+               }
+#else
+               if (setrlimit(RLIMIT_DATA, &limit) == -1) {
+                       Warning("[%s.main()] Cannot fix MEM limit to %d megs.\n",
+                               argv[0], global.rlimit_memmax);
+               }
+#endif
+       }
+
        /* We will loop at most 100 times with 10 ms delay each time.
         * That's at most 1 second. We only send a signal to old pids
         * if we cannot grab at least one port.
@@ -1057,33 +1084,6 @@ int main(int argc, char **argv)
                pidfile = fdopen(pidfd, "w");
        }
 
-       /* ulimits */
-       if (!global.rlimit_nofile)
-               global.rlimit_nofile = global.maxsock;
-
-       if (global.rlimit_nofile) {
-               limit.rlim_cur = limit.rlim_max = global.rlimit_nofile;
-               if (setrlimit(RLIMIT_NOFILE, &limit) == -1) {
-                       Warning("[%s.main()] Cannot raise FD limit to %d.\n", argv[0], global.rlimit_nofile);
-               }
-       }
-
-       if (global.rlimit_memmax) {
-               limit.rlim_cur = limit.rlim_max =
-                       global.rlimit_memmax * 1048576 / global.nbproc;
-#ifdef RLIMIT_AS
-               if (setrlimit(RLIMIT_AS, &limit) == -1) {
-                       Warning("[%s.main()] Cannot fix MEM limit to %d megs.\n",
-                               argv[0], global.rlimit_memmax);
-               }
-#else
-               if (setrlimit(RLIMIT_DATA, &limit) == -1) {
-                       Warning("[%s.main()] Cannot fix MEM limit to %d megs.\n",
-                               argv[0], global.rlimit_memmax);
-               }
-#endif
-       }
-
 #ifdef CONFIG_HAP_CTTPROXY
        if (global.last_checks & LSTCHK_CTTPROXY) {
                int ret;