Hi,
I think LimitNOFILE=infinity solved my problem. No errors since almost two days.
Thanks!
Patrick
Hajo Locke schrieb:
Hello,
are you using systemd? May be you have to edit unit-file for dovecotservice and increase filelimit
LimitNOFILE=infinity
Hajo
Am 23.08.2017 um 14:21 schrieb Patrick Westenberg:
I haven't done this on the old, working machine.
So there must be a difference between Debian 7 and 9 how open files are handled?
Regards Patrick
Aki Tuomi schrieb:
You probably need to increase ulimit -n
Aki
On 23.08.2017 14:10, Patrick Westenberg wrote:
Hi @all,
after re-installing one of my two frontends/proxy-servers I get the following error messages after some time (sometimes after 1h, sometimes after 24h):
11:23:55 imap-login: Error: socketpair() failed: Too many open files 11:23:55 imap-login: Error: socketpair() failed: Too many open files 11:23:56 imap-login: Error: socketpair() failed: Too many open files 11:23:56 imap-login: Error: socketpair() failed: Too many open files 11:23:57 imap-login: Error: socketpair() failed: Too many open files
11:26:17 imap-login: Error: socket() failed: Too many open files 11:26:17 imap-login: Error: proxy(post@example.com): connect(172.17.1.1, 143) failed: Too many open files (after 0 secs): user=<post@example.com>, method=PLAIN, rip=x.x.x.x, lip=x.x.x.x, TLS, session=<FgPWTWhXa8dQjLoi> 11:26:17 imap-login: Error: socketpair() failed: Too many open files 11:26:17 imap-login: Error: proxy: SSL handshake failed to 172.17.1.1:143: user=<post@example.com>, method=PLAIN, rip=x.x.x.x, lip=x.x.x.x, TLS, session=<HALWTWhXasdQjLoi> 11:26:17 imap-login: Error: socket() failed: Too many open files 11:26:17 imap-login: Error: proxy(post@example.com): connect(172.17.1.1, 143) failed: Too many open files (after 0 secs): user=<post@example.com>, method=LOGIN, rip=x.x.x.x, lip=x.x.x.x, TLS, session=<HALWTWhXasdQjLoi> 11:26:17 imap-login: Error: socketpair() failed: Too many open files 11:26:17 imap-login: Error: proxy: SSL handshake failed to 172.17.1.1:143: user=<post@example.com>, method=LOGIN, rip=x.x.x.x, lip=x.x.x.x, TLS, session=<FgPWTWhXa8dQjLoi> 11:26:17 imap-login: Error: socket() failed: Too many open files
As I switched from KVM to LXC my first idea was that this could be caused by LXC but this even happens with KVM. I tried dovecot 2.2.31 and 2.2.32.rc2. OS is Debian 9.
These problems don't occur on my old machine (Debian 7).
Any ideas?
Regards Patrick
# 2.2.32.rc2 (a350120ca): /usr/local/etc/dovecot/dovecot.conf # Pigeonhole version 0.4.19 (e5c7051) # OS: Linux 4.4.67-1-pve x86_64 Debian 9.1 auth_mechanisms = plain login director_mail_servers = 172.17.1.1 172.17.1.2 director_servers = 172.17.1.32 172.17.1.3 director_user_expire = 5 mins lmtp_proxy = yes log_path = /var/log/dovecot.log managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext protocols = imap pop3 lmtp sieve service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0666 user = postfix } unix_listener auth-userdb { user = dovecot } } service director { fifo_listener login/proxy-notify { mode = 0666 } inet_listener { address = 172.17.1.32 port = 9090 } unix_listener director-userdb { mode = 0600 } unix_listener login/director { mode = 0666 } } service imap-login { executable = imap-login director process_min_avail = 1 service_count = 0 } service lmtp { inet_listener lmtp { address = 172.17.1.32 port = 24 ssl = yes } process_min_avail = 20 } service managesieve-login { executable = managesieve-login director inet_listener sieve { port = 4190 } } service pop3-login { executable = pop3-login director } ssl_cert = </etc/ssl/certs/certum_wildcard.pem ssl_cipher_list = ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
ssl_dh_parameters_length = 2048 ssl_key = # hidden, use -P to show it ssl_prefer_server_ciphers = yes verbose_proctitle = yes protocol !smtp { passdb { args = proxy=y nopassword=y starttls=any-cert driver = static name = } } protocol smtp { passdb { args = /usr/local/etc/dovecot/dovecot-sql.conf.ext driver = sql name = } userdb { args = /usr/local/etc/dovecot/dovecot-sql.conf.ext driver = sql name = } } protocol lmtp { auth_socket_path = director-userdb }
ulimit -a core file size (blocks, -c) 0 data seg size (kbytes, -d) unlimited scheduling priority (-e) 0 file size (blocks, -f) unlimited pending signals (-i) 7978 max locked memory (kbytes, -l) 64 max memory size (kbytes, -m) unlimited open files (-n) 1024 pipe size (512 bytes, -p) 8 POSIX message queues (bytes, -q) 819200 real-time priority (-r) 0 stack size (kbytes, -s) 8192 cpu time (seconds, -t) unlimited max user processes (-u) 7978 virtual memory (kbytes, -v) unlimited file locks (-x) unlimited
###########################
This machine has no problems:
# 2.2.18: /usr/local/etc/dovecot/dovecot.conf # Pigeonhole version 0.4.8 (0c4ae064f307+) # OS: Linux 3.16.0-0.bpo.4-amd64 x86_64 Debian 7.11 auth_mechanisms = plain login director_mail_servers = 172.17.1.1 172.17.1.2 director_servers = 172.17.1.3 172.17.1.32 director_user_expire = 5 mins lmtp_proxy = yes log_path = /var/log/dovecot.log managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate protocols = imap pop3 lmtp sieve service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0666 user = postfix } unix_listener auth-userdb { user = dovecot } } service director { fifo_listener login/proxy-notify { mode = 0666 } inet_listener { address = 172.17.1.3 port = 9090 } unix_listener director-userdb { mode = 0600 } unix_listener login/director { mode = 0666 } } service imap-login { executable = imap-login director process_min_avail = 1 service_count = 0 } service lmtp { inet_listener lmtp { address = 172.17.1.3 port = 24 ssl = yes } process_min_avail = 20 } service managesieve-login { executable = managesieve-login director inet_listener sieve { port = 4190 } } service pop3-login { executable = pop3-login director } ssl_cert = </etc/ssl/certs/certum_wildcard.pem ssl_cipher_list = ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
ssl_dh_parameters_length = 2048 ssl_key = </etc/ssl/private/certum_wildcard.key ssl_prefer_server_ciphers = yes ssl_protocols = !SSLv3 !SSLv2 verbose_proctitle = yes protocol !smtp { passdb { args = proxy=y nopassword=y starttls=any-cert driver = static name = } } protocol smtp { passdb { args = /usr/local/etc/dovecot/dovecot-sql.conf.ext driver = sql name = } userdb { args = /usr/local/etc/dovecot/dovecot-sql.conf.ext driver = sql name = } } protocol lmtp { auth_socket_path = director-userdb }
ulimit -a core file size (blocks, -c) 0 data seg size (kbytes, -d) unlimited scheduling priority (-e) 0 file size (blocks, -f) unlimited pending signals (-i) 257548 max locked memory (kbytes, -l) 64 max memory size (kbytes, -m) unlimited open files (-n) 1024 pipe size (512 bytes, -p) 8 POSIX message queues (bytes, -q) 819200 real-time priority (-r) 0 stack size (kbytes, -s) 8192 cpu time (seconds, -t) unlimited max user processes (-u) 257548 virtual memory (kbytes, -v) unlimited file locks (-x) unlimited