socketpair failed: Too many open files on Debian 9
Patrick Westenberg
pw at wk-serv.de
Fri Aug 25 10:58:59 EEST 2017
Hi,
I think LimitNOFILE=infinity solved my problem.
No errors since almost two days.
Thanks!
Patrick
Hajo Locke schrieb:
> Hello,
>
> are you using systemd? May be you have to edit unit-file for
> dovecotservice and increase filelimit
>
> LimitNOFILE=infinity
>
> Hajo
>
> Am 23.08.2017 um 14:21 schrieb Patrick Westenberg:
>> I haven't done this on the old, working machine.
>>
>> So there must be a difference between Debian 7 and 9 how open files are
>> handled?
>>
>> Regards
>> Patrick
>>
>>
>>
>> Aki Tuomi schrieb:
>>> You probably need to increase ulimit -n
>>>
>>> Aki
>>>
>>>
>>> On 23.08.2017 14:10, Patrick Westenberg wrote:
>>>> Hi @all,
>>>>
>>>> after re-installing one of my two frontends/proxy-servers I get the
>>>> following error messages after some time (sometimes after 1h, sometimes
>>>> after 24h):
>>>>
>>>>
>>>> 11:23:55 imap-login: Error: socketpair() failed: Too many open files
>>>> 11:23:55 imap-login: Error: socketpair() failed: Too many open files
>>>> 11:23:56 imap-login: Error: socketpair() failed: Too many open files
>>>> 11:23:56 imap-login: Error: socketpair() failed: Too many open files
>>>> 11:23:57 imap-login: Error: socketpair() failed: Too many open files
>>>>
>>>> 11:26:17 imap-login: Error: socket() failed: Too many open files
>>>> 11:26:17 imap-login: Error: proxy(post at example.com):
>>>> connect(172.17.1.1,
>>>> 143) failed: Too many open files (after 0 secs):
>>>> user=<post at example.com>, method=PLAIN, rip=x.x.x.x, lip=x.x.x.x, TLS,
>>>> session=<FgPWTWhXa8dQjLoi>
>>>> 11:26:17 imap-login: Error: socketpair() failed: Too many open files
>>>> 11:26:17 imap-login: Error: proxy: SSL handshake failed to
>>>> 172.17.1.1:143: user=<post at example.com>, method=PLAIN, rip=x.x.x.x,
>>>> lip=x.x.x.x, TLS, session=<HALWTWhXasdQjLoi>
>>>> 11:26:17 imap-login: Error: socket() failed: Too many open files
>>>> 11:26:17 imap-login: Error: proxy(post at example.com):
>>>> connect(172.17.1.1,
>>>> 143) failed: Too many open files (after 0 secs):
>>>> user=<post at example.com>, method=LOGIN, rip=x.x.x.x, lip=x.x.x.x, TLS,
>>>> session=<HALWTWhXasdQjLoi>
>>>> 11:26:17 imap-login: Error: socketpair() failed: Too many open files
>>>> 11:26:17 imap-login: Error: proxy: SSL handshake failed to
>>>> 172.17.1.1:143: user=<post at example.com>, method=LOGIN, rip=x.x.x.x,
>>>> lip=x.x.x.x, TLS, session=<FgPWTWhXa8dQjLoi>
>>>> 11:26:17 imap-login: Error: socket() failed: Too many open files
>>>>
>>>>
>>>> As I switched from KVM to LXC my first idea was that this could be
>>>> caused by LXC but this even happens with KVM.
>>>> I tried dovecot 2.2.31 and 2.2.32.rc2. OS is Debian 9.
>>>>
>>>> These problems don't occur on my old machine (Debian 7).
>>>>
>>>> Any ideas?
>>>>
>>>> Regards
>>>> Patrick
>>>>
>>>>
>>>>
>>>>
>>>> # 2.2.32.rc2 (a350120ca): /usr/local/etc/dovecot/dovecot.conf
>>>> # Pigeonhole version 0.4.19 (e5c7051)
>>>> # OS: Linux 4.4.67-1-pve x86_64 Debian 9.1
>>>> auth_mechanisms = plain login
>>>> director_mail_servers = 172.17.1.1 172.17.1.2
>>>> director_servers = 172.17.1.32 172.17.1.3
>>>> director_user_expire = 5 mins
>>>> lmtp_proxy = yes
>>>> log_path = /var/log/dovecot.log
>>>> managesieve_notify_capability = mailto
>>>> managesieve_sieve_capability = fileinto reject envelope
>>>> encoded-character vacation subaddress comparator-i;ascii-numeric
>>>> relational regex imap4flags copy include variables body enotify
>>>> environment mailbox date index ihave duplicate mime foreverypart
>>>> extracttext
>>>> protocols = imap pop3 lmtp sieve
>>>> service auth {
>>>> unix_listener /var/spool/postfix/private/auth {
>>>> group = postfix
>>>> mode = 0666
>>>> user = postfix
>>>> }
>>>> unix_listener auth-userdb {
>>>> user = dovecot
>>>> }
>>>> }
>>>> service director {
>>>> fifo_listener login/proxy-notify {
>>>> mode = 0666
>>>> }
>>>> inet_listener {
>>>> address = 172.17.1.32
>>>> port = 9090
>>>> }
>>>> unix_listener director-userdb {
>>>> mode = 0600
>>>> }
>>>> unix_listener login/director {
>>>> mode = 0666
>>>> }
>>>> }
>>>> service imap-login {
>>>> executable = imap-login director
>>>> process_min_avail = 1
>>>> service_count = 0
>>>> }
>>>> service lmtp {
>>>> inet_listener lmtp {
>>>> address = 172.17.1.32
>>>> port = 24
>>>> ssl = yes
>>>> }
>>>> process_min_avail = 20
>>>> }
>>>> service managesieve-login {
>>>> executable = managesieve-login director
>>>> inet_listener sieve {
>>>> port = 4190
>>>> }
>>>> }
>>>> service pop3-login {
>>>> executable = pop3-login director
>>>> }
>>>> ssl_cert = </etc/ssl/certs/certum_wildcard.pem
>>>> ssl_cipher_list =
>>>> ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
>>>>
>>>> ssl_dh_parameters_length = 2048
>>>> ssl_key = # hidden, use -P to show it
>>>> ssl_prefer_server_ciphers = yes
>>>> verbose_proctitle = yes
>>>> protocol !smtp {
>>>> passdb {
>>>> args = proxy=y nopassword=y starttls=any-cert
>>>> driver = static
>>>> name =
>>>> }
>>>> }
>>>> protocol smtp {
>>>> passdb {
>>>> args = /usr/local/etc/dovecot/dovecot-sql.conf.ext
>>>> driver = sql
>>>> name =
>>>> }
>>>> userdb {
>>>> args = /usr/local/etc/dovecot/dovecot-sql.conf.ext
>>>> driver = sql
>>>> name =
>>>> }
>>>> }
>>>> protocol lmtp {
>>>> auth_socket_path = director-userdb
>>>> }
>>>>
>>>> ulimit -a
>>>> core file size (blocks, -c) 0
>>>> data seg size (kbytes, -d) unlimited
>>>> scheduling priority (-e) 0
>>>> file size (blocks, -f) unlimited
>>>> pending signals (-i) 7978
>>>> max locked memory (kbytes, -l) 64
>>>> max memory size (kbytes, -m) unlimited
>>>> open files (-n) 1024
>>>> pipe size (512 bytes, -p) 8
>>>> POSIX message queues (bytes, -q) 819200
>>>> real-time priority (-r) 0
>>>> stack size (kbytes, -s) 8192
>>>> cpu time (seconds, -t) unlimited
>>>> max user processes (-u) 7978
>>>> virtual memory (kbytes, -v) unlimited
>>>> file locks (-x) unlimited
>>>>
>>>>
>>>> ###########################
>>>>
>>>>
>>>> This machine has no problems:
>>>>
>>>> # 2.2.18: /usr/local/etc/dovecot/dovecot.conf
>>>> # Pigeonhole version 0.4.8 (0c4ae064f307+)
>>>> # OS: Linux 3.16.0-0.bpo.4-amd64 x86_64 Debian 7.11
>>>> auth_mechanisms = plain login
>>>> director_mail_servers = 172.17.1.1 172.17.1.2
>>>> director_servers = 172.17.1.3 172.17.1.32
>>>> director_user_expire = 5 mins
>>>> lmtp_proxy = yes
>>>> log_path = /var/log/dovecot.log
>>>> managesieve_notify_capability = mailto
>>>> managesieve_sieve_capability = fileinto reject envelope
>>>> encoded-character vacation subaddress comparator-i;ascii-numeric
>>>> relational regex imap4flags copy include variables body enotify
>>>> environment mailbox date index ihave duplicate
>>>> protocols = imap pop3 lmtp sieve
>>>> service auth {
>>>> unix_listener /var/spool/postfix/private/auth {
>>>> group = postfix
>>>> mode = 0666
>>>> user = postfix
>>>> }
>>>> unix_listener auth-userdb {
>>>> user = dovecot
>>>> }
>>>> }
>>>> service director {
>>>> fifo_listener login/proxy-notify {
>>>> mode = 0666
>>>> }
>>>> inet_listener {
>>>> address = 172.17.1.3
>>>> port = 9090
>>>> }
>>>> unix_listener director-userdb {
>>>> mode = 0600
>>>> }
>>>> unix_listener login/director {
>>>> mode = 0666
>>>> }
>>>> }
>>>> service imap-login {
>>>> executable = imap-login director
>>>> process_min_avail = 1
>>>> service_count = 0
>>>> }
>>>> service lmtp {
>>>> inet_listener lmtp {
>>>> address = 172.17.1.3
>>>> port = 24
>>>> ssl = yes
>>>> }
>>>> process_min_avail = 20
>>>> }
>>>> service managesieve-login {
>>>> executable = managesieve-login director
>>>> inet_listener sieve {
>>>> port = 4190
>>>> }
>>>> }
>>>> service pop3-login {
>>>> executable = pop3-login director
>>>> }
>>>> ssl_cert = </etc/ssl/certs/certum_wildcard.pem
>>>> ssl_cipher_list =
>>>> ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
>>>>
>>>> ssl_dh_parameters_length = 2048
>>>> ssl_key = </etc/ssl/private/certum_wildcard.key
>>>> ssl_prefer_server_ciphers = yes
>>>> ssl_protocols = !SSLv3 !SSLv2
>>>> verbose_proctitle = yes
>>>> protocol !smtp {
>>>> passdb {
>>>> args = proxy=y nopassword=y starttls=any-cert
>>>> driver = static
>>>> name =
>>>> }
>>>> }
>>>> protocol smtp {
>>>> passdb {
>>>> args = /usr/local/etc/dovecot/dovecot-sql.conf.ext
>>>> driver = sql
>>>> name =
>>>> }
>>>> userdb {
>>>> args = /usr/local/etc/dovecot/dovecot-sql.conf.ext
>>>> driver = sql
>>>> name =
>>>> }
>>>> }
>>>> protocol lmtp {
>>>> auth_socket_path = director-userdb
>>>> }
>>>>
>>>>
>>>> ulimit -a
>>>> core file size (blocks, -c) 0
>>>> data seg size (kbytes, -d) unlimited
>>>> scheduling priority (-e) 0
>>>> file size (blocks, -f) unlimited
>>>> pending signals (-i) 257548
>>>> max locked memory (kbytes, -l) 64
>>>> max memory size (kbytes, -m) unlimited
>>>> open files (-n) 1024
>>>> pipe size (512 bytes, -p) 8
>>>> POSIX message queues (bytes, -q) 819200
>>>> real-time priority (-r) 0
>>>> stack size (kbytes, -s) 8192
>>>> cpu time (seconds, -t) unlimited
>>>> max user processes (-u) 257548
>>>> virtual memory (kbytes, -v) unlimited
>>>> file locks (-x) unlimited
More information about the dovecot
mailing list