On Thu, 2011-11-24 at 21:35 +0100, Miguel Tormo wrote:
El Jueves, 24 de Noviembre de 2011 20:25:47 Timo Sirainen escribió:
I'm not sure if changing /etc/security/limits.conf helps. It's probably only used by PAM when user logs in, so if Dovecot is started in system bootup it's unlikely to have been even read yet. Also I think some OSes override the limits in /etc/init.d/ scripts. Of course, I could be completely wrong in all of the above, I haven't really tested any of it
Well actually this is tricky, I'm not sure if it would work after a system boot, but I'm sure it works after a reboot of the service. It is also true what you say that some OSes override the limits in the /etc/init.d/ scripts, for example issuing an 'ulimit -n 4096' (if using bash) before dropping privileges (that should be inherited, but if privileges are dropped using "su" or something that uses PAM, then the /etc/security/limits.conf file comes into play again).
much simpler way without rebuilding is as Timo suggested, just pick your value #!/bin/sh # Start/stop dovecot. ulimit -n 16384
...
Be careful, building in kernel based higher limits means /every/ service and can lead to DoS, this way limits dovecot to 16384, but keeps other stuff like mysql at 4096, and everything else at 1024, bit safer.