From: Willy Tarreau Date: Fri, 1 Mar 2019 09:32:05 +0000 (+0100) Subject: BUG/MINOR: init: never lower rlim_fd_max X-Git-Tag: v2.0-dev2~139 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e5cfdacb838c776f19e102bd0cacddeda7b06573;p=thirdparty%2Fhaproxy.git BUG/MINOR: init: never lower rlim_fd_max If a ulimit-n value is set, we must not lower the rlim_max value if the new value is lower, we must only adjust the rlim_cur one. The effect is that on very low values, this could prevent a master-worker reload, or make an external check fail by lack of FDs. This may be backported to 1.9 and earlier, but it depends on this patch "MINOR: global: keep a copy of the initial rlim_fd_cur and rlim_fd_max values". --- diff --git a/src/haproxy.c b/src/haproxy.c index 62263e4823..0d42bc0b75 100644 --- a/src/haproxy.c +++ b/src/haproxy.c @@ -2780,7 +2780,9 @@ int main(int argc, char **argv) global.rlimit_nofile = global.maxsock; if (global.rlimit_nofile) { - limit.rlim_cur = limit.rlim_max = global.rlimit_nofile; + limit.rlim_cur = global.rlimit_nofile; + limit.rlim_max = MAX(rlim_fd_max_at_boot, limit.rlim_cur); + if (setrlimit(RLIMIT_NOFILE, &limit) == -1) { /* try to set it to the max possible at least */ getrlimit(RLIMIT_NOFILE, &limit);