From: Brian Utterback Date: Sat, 3 Aug 2013 19:13:34 +0000 (-0400) Subject: [Bug 2454] Need way to set file descriptor limit. X-Git-Tag: NTP_4_2_7P381~4^2~2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=30d8650faa3e02099e02087ec199d8c22b785ab7;p=thirdparty%2Fntp.git [Bug 2454] Need way to set file descriptor limit. [Bug 2453] Need a way to avoid calling mlockall. [Bug 2451] rlimit command is missing from the table of contents in miscopt.html bk: 51fd565eKrXuK0C7pHv9hFOwsJVrHQ --- diff --git a/ChangeLog b/ChangeLog index 828696601..46ae69640 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,6 @@ +* [Bug 2454] Need way to set file descriptor limit. +* [Bug 2453] Need a way to avoid calling mlockall. +* [Bug 2451] rlimit command is missing from the table of contents in miscopt.html (4.2.7p380) 2013/08/03 Released by Harlan Stenn * CID 984511: Some systems have different printf needs for sizeof. (4.2.7p379) 2013/08/02 Released by Harlan Stenn diff --git a/html/miscopt.html b/html/miscopt.html index ba284214e..d4ee126cc 100644 --- a/html/miscopt.html +++ b/html/miscopt.html @@ -125,9 +125,11 @@
memlock Nmegabytes
-
Specify the number of megabytes of memory that can be allocated. Probably only available under Linux, this option is useful when dropping root (the -i option). The default is 32 megabytes.
+
Specify the number of megabytes of memory that can be allocated. Probably only available under Linux, this option is useful when dropping root (the -i option). The default is 32 megabytes. Setting this to zero will prevent any attemp to lock memory.
stacklimit N4kPages
Specifies the maximum size of the process stack on systems with the mlockall() function. Defaults to 50 4k pages (200 4k pages in OpenBSD).
+
filenum N4kPages
+
Specifies the maximum number of file descriptors ntp may have open at the same time. Defaults to system deault.
tos [beacon beacon | ceiling ceiling | cohort {0 | 1} | floor floor | maxclock maxclock | maxdist maxdist | minclock minclock | mindist mindist | minsane minsane | orphan stratum | orphanwait delay]
diff --git a/html/scripts/miscopt.txt b/html/scripts/miscopt.txt index 201718fc9..64987c8b1 100644 --- a/html/scripts/miscopt.txt +++ b/html/scripts/miscopt.txt @@ -13,6 +13,7 @@ document.write("

Miscellaneous Commands and Options

    \
  • saveconfigdir - specify saveconfig directory
    • \
  • setvar - set system variables
    • \
  • tinker - modify sacred system parameters (dangerous)
    • \ +
  • rlimit - alters certain process storage allocation limits
    • \
  • tos - modify service parameters
    • \
  • trap - set trap address
    • \
  • ttl - set time to live
    • \ diff --git a/include/ntp_config.h b/include/ntp_config.h index 9c2f05585..982594e4c 100644 --- a/include/ntp_config.h +++ b/include/ntp_config.h @@ -46,6 +46,9 @@ extern int cmdline_server_count; extern char ** cmdline_servers; +/* set to zero if admin doesn't want memory locked */ +extern int do_memlock; + typedef struct int_range_tag { int first; int last; diff --git a/ntpd/keyword-gen.c b/ntpd/keyword-gen.c index dfc39982b..d4f77588d 100644 --- a/ntpd/keyword-gen.c +++ b/ntpd/keyword-gen.c @@ -202,6 +202,7 @@ struct key_tok ntp_keywords[] = { /* rlimit_option */ { "memlock", T_Memlock, FOLLBY_TOKEN }, { "stacksize", T_Stacksize, FOLLBY_TOKEN }, +{ "filenum", T_Filenum, FOLLBY_TOKEN }, /* tinker_option */ { "step", T_Step, FOLLBY_TOKEN }, { "panic", T_Panic, FOLLBY_TOKEN }, diff --git a/ntpd/ntp.conf.def b/ntpd/ntp.conf.def index 7a37f352d..8fd3629ae 100644 --- a/ntpd/ntp.conf.def +++ b/ntpd/ntp.conf.def @@ -2663,6 +2663,7 @@ pulses will not be suppressed. .Oo .Cm memlock Ar Nmegabytes | .Cm stacklimit Ar N4kPages +.Cm filenum Ar Nfiledescriptors .Oc .Xc .Bl -tag -width indent @@ -2672,9 +2673,11 @@ Probably only available under Linux, this option is useful when dropping root (the .Fl i option). -The default is 32 megabytes. +The default is 32 megabytes. Setting this to zero will prevent any attemp to lock memory. .It Cm stacklimit Ar N4kPages Specifies the maximum size of the process stack on systems with the +.It Cm filenum Ar Nfiledescriptors +Specifies the maximum number of file descriptors ntpd may have open at once. Defaults to the system default. .Fn mlockall function. Defaults to 50 4k pages (200 4k pages in OpenBSD). diff --git a/ntpd/ntp_config.c b/ntpd/ntp_config.c index 28639af85..5cb6d2c22 100644 --- a/ntpd/ntp_config.c +++ b/ntpd/ntp_config.c @@ -58,6 +58,9 @@ int cmdline_server_count; char ** cmdline_servers; +/* set to zero if admin doesn't want memory locked */ +int do_memlock = 1; + /* * "logconfig" building blocks */ @@ -2602,15 +2605,19 @@ config_rlimit( break; case T_Memlock: + if (rlimit_av->value.i != 0) { #if defined(HAVE_MLOCKALL) && defined(RLIMIT_MEMLOCK) - ntp_rlimit(RLIMIT_MEMLOCK, - (rlim_t)(rlimit_av->value.i * 1024 * 1024), - 1024 * 1024, - "MB"); + ntp_rlimit(RLIMIT_MEMLOCK, + (rlim_t)(rlimit_av->value.i * 1024 * 1024), + 1024 * 1024, + "MB"); #else - /* STDERR as well would be fine... */ - msyslog(LOG_WARNING, "'rlimit memlock' specified but is not available on this system."); + /* STDERR as well would be fine... */ + msyslog(LOG_WARNING, "'rlimit memlock' specified but is not available on this system."); #endif /* !(HAVE_MLOCKALL && RLIMIT_MEMLOCK) */ + } else { + do_memlock = 0; + } break; case T_Stacksize: @@ -2624,6 +2631,19 @@ config_rlimit( msyslog(LOG_WARNING, "'rlimit stacksize' specified but is not available on this system."); #endif /* !(HAVE_MLOCKALL && RLIMIT_STACK) */ break; + + case T_Filenum: +#if defined(RLIMIT_NOFILE) + ntp_rlimit(RLIMIT_NOFILE, + (rlim_t)(rlimit_av->value.i), + 1, + ""); +#else + /* STDERR as well would be fine... */ + msyslog(LOG_WARNING, "'rlimit filenum' specified but is not available on this system."); +#endif /* !(RLIMIT_NOFILE) */ + break; + } } } @@ -4869,6 +4889,20 @@ ntp_rlimit( break; #endif /* RLIMIT_MEMLOCK */ +#ifdef RLIMIT_NOFILE + case RLIMIT_NOFILE: + /* + * For large systems the default file descriptor limit may + * not be enough. + */ + DPRINTF(2, ("ntp_rlimit: NOFILE: %d %s\n", + (int)(rl_value / rl_scale), rl_sstr)); + rl.rlim_cur = rl.rlim_max = rl_value; + if (setrlimit(RLIMIT_NOFILE, &rl) == -1) + msyslog(LOG_ERR, "Cannot set RLIMIT_NOFILE: %m"); + break; +#endif /* RLIMIT_NOFILE */ + case RLIMIT_STACK: /* * Provide a way to set the stack limit to something diff --git a/ntpd/ntp_parser.y b/ntpd/ntp_parser.y index f077735ea..a13fbb625 100644 --- a/ntpd/ntp_parser.y +++ b/ntpd/ntp_parser.y @@ -104,6 +104,7 @@ %token T_False %token T_File %token T_Filegen +%token T_Filenum %token T_Flag1 %token T_Flag2 %token T_Flag3 @@ -1005,6 +1006,7 @@ rlimit_option rlimit_option_keyword : T_Memlock | T_Stacksize + | T_Filenum ; diff --git a/ntpd/ntpd.c b/ntpd/ntpd.c index 4fcdf7421..a01b889de 100644 --- a/ntpd/ntpd.c +++ b/ntpd/ntpd.c @@ -686,6 +686,7 @@ ntpdmain( } # endif + /* Setup stack size in preparation for locking pages in memory. */ # if defined(HAVE_MLOCKALL) # ifdef HAVE_SETRLIMIT ntp_rlimit(RLIMIT_STACK, DFLT_RLIMIT_STACK * 4096, 4096, "4k"); @@ -699,12 +700,6 @@ ntpdmain( ntp_rlimit(RLIMIT_MEMLOCK, DFLT_RLIMIT_MEMLOCK * 1024 * 1024, 1024 * 1024, "MB"); # endif /* RLIMIT_MEMLOCK */ # endif /* HAVE_SETRLIMIT */ - /* - * lock the process into memory - */ - if (!HAVE_OPT(SAVECONFIGQUIT) && - 0 != mlockall(MCL_CURRENT|MCL_FUTURE)) - msyslog(LOG_ERR, "mlockall(): %m"); # else /* !HAVE_MLOCKALL follows */ # ifdef HAVE_PLOCK # ifdef PROCLOCK @@ -717,22 +712,7 @@ ntpdmain( msyslog(LOG_ERR, "Cannot adjust stack limit for plock: %m"); # endif /* _AIX */ - /* - * lock the process into memory - */ - if (!HAVE_OPT(SAVECONFIGQUIT) && 0 != plock(PROCLOCK)) - msyslog(LOG_ERR, "plock(PROCLOCK): %m"); -# else /* !PROCLOCK follows */ -# ifdef TXTLOCK - /* - * Lock text into ram - */ - if (!HAVE_OPT(SAVECONFIGQUIT) && 0 != plock(TXTLOCK)) - msyslog(LOG_ERR, "plock(TXTLOCK) error: %m"); -# else /* !TXTLOCK follows */ - msyslog(LOG_ERR, "plock() - don't know what to lock!"); -# endif /* !TXTLOCK */ -# endif /* !PROCLOCK */ +# endif /* PROCLOCK */ # endif /* HAVE_PLOCK */ # endif /* !HAVE_MLOCKALL */ @@ -795,6 +775,38 @@ ntpdmain( * since this will definitely be different for the gizmo board. */ getconfig(argc, argv); + + if (do_memlock) { +# if defined(HAVE_MLOCKALL) + /* + * lock the process into memory + */ + if (!HAVE_OPT(SAVECONFIGQUIT) && + 0 != mlockall(MCL_CURRENT|MCL_FUTURE)) + msyslog(LOG_ERR, "mlockall(): %m"); +# else /* !HAVE_MLOCKALL follows */ +# ifdef HAVE_PLOCK +# ifdef PROCLOCK + /* + * lock the process into memory + */ + if (!HAVE_OPT(SAVECONFIGQUIT) && 0 != plock(PROCLOCK)) + msyslog(LOG_ERR, "plock(PROCLOCK): %m"); +# else /* !PROCLOCK follows */ +# ifdef TXTLOCK + /* + * Lock text into ram + */ + if (!HAVE_OPT(SAVECONFIGQUIT) && 0 != plock(TXTLOCK)) + msyslog(LOG_ERR, "plock(TXTLOCK) error: %m"); +# else /* !TXTLOCK follows */ + msyslog(LOG_ERR, "plock() - don't know what to lock!"); +# endif /* !TXTLOCK */ +# endif /* !PROCLOCK */ +# endif /* HAVE_PLOCK */ +# endif /* !HAVE_MLOCKALL */ + } + loop_config(LOOP_DRIFTINIT, 0); report_event(EVNT_SYSRESTART, NULL, NULL); initializing = FALSE;