socketpair failed: Too many open files on Debian 9
Patrick Westenberg
pw at wk-serv.de
Wed Aug 23 15:21:12 EEST 2017
I haven't done this on the old, working machine.
So there must be a difference between Debian 7 and 9 how open files are
handled?
Regards
Patrick
Aki Tuomi schrieb:
> You probably need to increase ulimit -n
>
> Aki
>
>
> On 23.08.2017 14:10, Patrick Westenberg wrote:
>> Hi @all,
>>
>> after re-installing one of my two frontends/proxy-servers I get the
>> following error messages after some time (sometimes after 1h, sometimes
>> after 24h):
>>
>>
>> 11:23:55 imap-login: Error: socketpair() failed: Too many open files
>> 11:23:55 imap-login: Error: socketpair() failed: Too many open files
>> 11:23:56 imap-login: Error: socketpair() failed: Too many open files
>> 11:23:56 imap-login: Error: socketpair() failed: Too many open files
>> 11:23:57 imap-login: Error: socketpair() failed: Too many open files
>>
>> 11:26:17 imap-login: Error: socket() failed: Too many open files
>> 11:26:17 imap-login: Error: proxy(post at example.com): connect(172.17.1.1,
>> 143) failed: Too many open files (after 0 secs):
>> user=<post at example.com>, method=PLAIN, rip=x.x.x.x, lip=x.x.x.x, TLS,
>> session=<FgPWTWhXa8dQjLoi>
>> 11:26:17 imap-login: Error: socketpair() failed: Too many open files
>> 11:26:17 imap-login: Error: proxy: SSL handshake failed to
>> 172.17.1.1:143: user=<post at example.com>, method=PLAIN, rip=x.x.x.x,
>> lip=x.x.x.x, TLS, session=<HALWTWhXasdQjLoi>
>> 11:26:17 imap-login: Error: socket() failed: Too many open files
>> 11:26:17 imap-login: Error: proxy(post at example.com): connect(172.17.1.1,
>> 143) failed: Too many open files (after 0 secs):
>> user=<post at example.com>, method=LOGIN, rip=x.x.x.x, lip=x.x.x.x, TLS,
>> session=<HALWTWhXasdQjLoi>
>> 11:26:17 imap-login: Error: socketpair() failed: Too many open files
>> 11:26:17 imap-login: Error: proxy: SSL handshake failed to
>> 172.17.1.1:143: user=<post at example.com>, method=LOGIN, rip=x.x.x.x,
>> lip=x.x.x.x, TLS, session=<FgPWTWhXa8dQjLoi>
>> 11:26:17 imap-login: Error: socket() failed: Too many open files
>>
>>
>> As I switched from KVM to LXC my first idea was that this could be
>> caused by LXC but this even happens with KVM.
>> I tried dovecot 2.2.31 and 2.2.32.rc2. OS is Debian 9.
>>
>> These problems don't occur on my old machine (Debian 7).
>>
>> Any ideas?
>>
>> Regards
>> Patrick
>>
>>
>>
>>
>> # 2.2.32.rc2 (a350120ca): /usr/local/etc/dovecot/dovecot.conf
>> # Pigeonhole version 0.4.19 (e5c7051)
>> # OS: Linux 4.4.67-1-pve x86_64 Debian 9.1
>> auth_mechanisms = plain login
>> director_mail_servers = 172.17.1.1 172.17.1.2
>> director_servers = 172.17.1.32 172.17.1.3
>> director_user_expire = 5 mins
>> lmtp_proxy = yes
>> log_path = /var/log/dovecot.log
>> managesieve_notify_capability = mailto
>> managesieve_sieve_capability = fileinto reject envelope
>> encoded-character vacation subaddress comparator-i;ascii-numeric
>> relational regex imap4flags copy include variables body enotify
>> environment mailbox date index ihave duplicate mime foreverypart extracttext
>> protocols = imap pop3 lmtp sieve
>> service auth {
>> unix_listener /var/spool/postfix/private/auth {
>> group = postfix
>> mode = 0666
>> user = postfix
>> }
>> unix_listener auth-userdb {
>> user = dovecot
>> }
>> }
>> service director {
>> fifo_listener login/proxy-notify {
>> mode = 0666
>> }
>> inet_listener {
>> address = 172.17.1.32
>> port = 9090
>> }
>> unix_listener director-userdb {
>> mode = 0600
>> }
>> unix_listener login/director {
>> mode = 0666
>> }
>> }
>> service imap-login {
>> executable = imap-login director
>> process_min_avail = 1
>> service_count = 0
>> }
>> service lmtp {
>> inet_listener lmtp {
>> address = 172.17.1.32
>> port = 24
>> ssl = yes
>> }
>> process_min_avail = 20
>> }
>> service managesieve-login {
>> executable = managesieve-login director
>> inet_listener sieve {
>> port = 4190
>> }
>> }
>> service pop3-login {
>> executable = pop3-login director
>> }
>> ssl_cert = </etc/ssl/certs/certum_wildcard.pem
>> ssl_cipher_list =
>> ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
>> ssl_dh_parameters_length = 2048
>> ssl_key = # hidden, use -P to show it
>> ssl_prefer_server_ciphers = yes
>> verbose_proctitle = yes
>> protocol !smtp {
>> passdb {
>> args = proxy=y nopassword=y starttls=any-cert
>> driver = static
>> name =
>> }
>> }
>> protocol smtp {
>> passdb {
>> args = /usr/local/etc/dovecot/dovecot-sql.conf.ext
>> driver = sql
>> name =
>> }
>> userdb {
>> args = /usr/local/etc/dovecot/dovecot-sql.conf.ext
>> driver = sql
>> name =
>> }
>> }
>> protocol lmtp {
>> auth_socket_path = director-userdb
>> }
>>
>> ulimit -a
>> core file size (blocks, -c) 0
>> data seg size (kbytes, -d) unlimited
>> scheduling priority (-e) 0
>> file size (blocks, -f) unlimited
>> pending signals (-i) 7978
>> max locked memory (kbytes, -l) 64
>> max memory size (kbytes, -m) unlimited
>> open files (-n) 1024
>> pipe size (512 bytes, -p) 8
>> POSIX message queues (bytes, -q) 819200
>> real-time priority (-r) 0
>> stack size (kbytes, -s) 8192
>> cpu time (seconds, -t) unlimited
>> max user processes (-u) 7978
>> virtual memory (kbytes, -v) unlimited
>> file locks (-x) unlimited
>>
>>
>> ###########################
>>
>>
>> This machine has no problems:
>>
>> # 2.2.18: /usr/local/etc/dovecot/dovecot.conf
>> # Pigeonhole version 0.4.8 (0c4ae064f307+)
>> # OS: Linux 3.16.0-0.bpo.4-amd64 x86_64 Debian 7.11
>> auth_mechanisms = plain login
>> director_mail_servers = 172.17.1.1 172.17.1.2
>> director_servers = 172.17.1.3 172.17.1.32
>> director_user_expire = 5 mins
>> lmtp_proxy = yes
>> log_path = /var/log/dovecot.log
>> managesieve_notify_capability = mailto
>> managesieve_sieve_capability = fileinto reject envelope
>> encoded-character vacation subaddress comparator-i;ascii-numeric
>> relational regex imap4flags copy include variables body enotify
>> environment mailbox date index ihave duplicate
>> protocols = imap pop3 lmtp sieve
>> service auth {
>> unix_listener /var/spool/postfix/private/auth {
>> group = postfix
>> mode = 0666
>> user = postfix
>> }
>> unix_listener auth-userdb {
>> user = dovecot
>> }
>> }
>> service director {
>> fifo_listener login/proxy-notify {
>> mode = 0666
>> }
>> inet_listener {
>> address = 172.17.1.3
>> port = 9090
>> }
>> unix_listener director-userdb {
>> mode = 0600
>> }
>> unix_listener login/director {
>> mode = 0666
>> }
>> }
>> service imap-login {
>> executable = imap-login director
>> process_min_avail = 1
>> service_count = 0
>> }
>> service lmtp {
>> inet_listener lmtp {
>> address = 172.17.1.3
>> port = 24
>> ssl = yes
>> }
>> process_min_avail = 20
>> }
>> service managesieve-login {
>> executable = managesieve-login director
>> inet_listener sieve {
>> port = 4190
>> }
>> }
>> service pop3-login {
>> executable = pop3-login director
>> }
>> ssl_cert = </etc/ssl/certs/certum_wildcard.pem
>> ssl_cipher_list =
>> ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
>> ssl_dh_parameters_length = 2048
>> ssl_key = </etc/ssl/private/certum_wildcard.key
>> ssl_prefer_server_ciphers = yes
>> ssl_protocols = !SSLv3 !SSLv2
>> verbose_proctitle = yes
>> protocol !smtp {
>> passdb {
>> args = proxy=y nopassword=y starttls=any-cert
>> driver = static
>> name =
>> }
>> }
>> protocol smtp {
>> passdb {
>> args = /usr/local/etc/dovecot/dovecot-sql.conf.ext
>> driver = sql
>> name =
>> }
>> userdb {
>> args = /usr/local/etc/dovecot/dovecot-sql.conf.ext
>> driver = sql
>> name =
>> }
>> }
>> protocol lmtp {
>> auth_socket_path = director-userdb
>> }
>>
>>
>> ulimit -a
>> core file size (blocks, -c) 0
>> data seg size (kbytes, -d) unlimited
>> scheduling priority (-e) 0
>> file size (blocks, -f) unlimited
>> pending signals (-i) 257548
>> max locked memory (kbytes, -l) 64
>> max memory size (kbytes, -m) unlimited
>> open files (-n) 1024
>> pipe size (512 bytes, -p) 8
>> POSIX message queues (bytes, -q) 819200
>> real-time priority (-r) 0
>> stack size (kbytes, -s) 8192
>> cpu time (seconds, -t) unlimited
>> max user processes (-u) 257548
>> virtual memory (kbytes, -v) unlimited
>> file locks (-x) unlimited
More information about the dovecot
mailing list