Univention Bugzilla – Bug 35866
Too many open files messages in samba logfiles
Last modified: 2017-06-06 14:09:32 CEST
Add a plugin that checks the last samba logfiles for "Too many open files" messages. If found, show some information on how the determine the cause and increase the limits: http://forum.univention.de/viewtopic.php?f=48&t=2100 https://forge.univention.org/bugzilla/show_bug.cgi?id=32415 Maybe we could/should add an SDB article to which the plugin could redirect.
(In reply to Janis Meybohm from comment #0) > Add a plugin that checks the last samba logfiles for "Too many open files" > messages. > > If found, show some information on how the determine the cause and increase > the limits: > http://forum.univention.de/viewtopic.php?f=48&t=2100 > https://forge.univention.org/bugzilla/show_bug.cgi?id=32415 > > Maybe we could/should add an SDB article to which the plugin could redirect. Yes: Bug #35868.
Which logfiles can contain the error? Only /var/log/samba/log.smbd? Or every logfile in /var/log/samba? Other logfiles? How often can the string occur so that the message is irrelevant?
It's most likely in /var/log/samba/log.smbd but every log may contain the message (meaning different things and requires different steps to fix of cause). See http://forum.univention.de/viewtopic.php?f=48&t=2464#p8650 for an example "Too many open files, unable to open more! smbd's max open files = 16404"
The plugin has been added as security_limits.py. It has the following output: Critical: Security limits exceeded The security limits (e.g. for max_open_files) are currently not configured properly. This can cause several different serious problems (e.g. the login at samba servers may be impossible, file operations (copy, move) on shares can fail, etc.) It is suggested to increase the security limits either manually by using "Univention Configuration Registry" module or to use the automatically suggested limits: security/limits/user/*/soft/nofile=32828 security/limits/user/*/hard/nofile=32828 [Adjust to suggested limits] The plugin will be marked as failed if the string "Too many open files" occurs at least once in /var/log/samba/log.smbd and the limits are smaller than 32828.
Depending on samba version there might also be a samba specific max_open_files option which needs to be adjusted: "samba/max_open_files"
(In reply to Janis Meybohm from comment #5) > Depending on samba version there might also be a samba specific > max_open_files option which needs to be adjusted: > "samba/max_open_files" Also with the value 32828?
Some additional points: * limits.conf only applys to pam logins, not to things started from init * Our default UCR limits.conf settings for "user" don't apply to root * Both soft and hard limits can be set with "-", see bug 27709 * Starting with errata Bug 34514 we use ulimit in the samba-ad-dc init script samba/max_open_files is used for this. Thus, all the security/limits/* stuff doesn't apply any longer, I guess. Maybe I would restrict the recommendation to samba/max_open_files. * The value of "32828" seems like a pretty arbitrary number, in the recommendation message I would suggest 32768. * For our peculiar numerical default for samba/max_open_files see Bug 34514 Comment 6 * Recently the samba default has been raised to 16384 (affects UCS 4.0). * For the actual maximum value samba takes the minimum of system supplied limits and it's own "max open files" limit. * See bug 32327 for inotify limits relevant for samba. Don't know if this can be covered here as well. If not, a separate bug should be created.
Move all unfinished MS1 and MS2 bugs to RC.
(In reply to Florian Best from comment #6) > (In reply to Janis Meybohm from comment #5) > > Depending on samba version there might also be a samba specific > > max_open_files option which needs to be adjusted: > > "samba/max_open_files" > Also with the value 32828? Florian, I think you can split it into a new bug.
Bug #36245 was created for the other things. For now closing it with the current state.
* maybe better to read the log.smbd line pre line (log.smbd can become very big) with open("log.txt") as infile: for line in infile: do_something_with(line) * The test for security/limits/user/*/soft|hard/nofile makes no sence for samba since 3.2-3 samba3/samba4 uses samba/max_open_files please replace 'security/limits/user/*/soft/nofile' resp. 'security/limits/user/*/hard/nofile' with samba/max_open_files
(In reply to Felix Botner from comment #11) > * maybe better to read the log.smbd line pre line (log.smbd can become very > big) yes, it is now read per line. > * The test for security/limits/user/*/soft|hard/nofile makes no sence for > samba samba/max_open_files with default of 32768 is now used instead.
(In reply to Florian Best from comment #12) > (In reply to Felix Botner from comment #11) > > * maybe better to read the log.smbd line pre line (log.smbd can become very > > big) > yes, it is now read per line. > > > * The test for security/limits/user/*/soft|hard/nofile makes no sence for > > samba > samba/max_open_files with default of 32768 is now used instead. our default is samba/max_open_files?32808, so better check this value (or should we increase our default in univention-samba(4)?)
(In reply to Felix Botner from comment #13) The default has been adapted.
Traceback (most recent call last): File "/usr/lib/pymodules/python2.7/univention/management/console/modules/diagnostic/__init__.py", line 245, in execute result = execute(**kwargs) File "/usr/lib/pymodules/python2.7/univention/management/console/modules/diagnostic/plugins/security_limits.py", line 59, in adjust 'samba/max_open_files=%d' % (suggested_limit_hard,) NameError: global name 'suggested_limit_hard' is not defined
fixed typo
OK
UCS 4.0-0 has been released: http://docs.univention.de/release-notes-4.0-0-en.html http://docs.univention.de/release-notes-4.0-0-de.html If this error occurs again, please use "Clone This Bug".
*** Bug 36345 has been marked as a duplicate of this bug. ***