Custom Query (2297 matches)

Filters
 
Or
 
  
 
Columns

Show under each result:

Results (10 - 12 of 2297)

1 2 3 4 5 6 7 8 9 10 11 12 13 14
Ticket Resolution Summary Owner Reporter
#2001 worksforme nginx memory leak URL with large cookies and connections with long keepalive_requests 2clarkd@…
Description

*summary*: Persisting upstream connections for a large number of transactions with attribute "keepalive_requests 100000" tends to leak memory rapidly with large URL cookies (ie. > 512 characters). *impact*: memory not freed until large transaction count completes. Cookies leaked in memory pool for re-used connection may be security risk. *workaround*: reduce the keepalive_requests to smaller value (default 100). (minimizes size of leak as connection reset clears memory usage) *topics*; memory leak, large URL cookies, keepalive_requests, *configuration*;

sample URL sample URL command (note cookie text suppressed, likely any 512-1024 byte string will do in one or more cookie variables) curl --cookie "cookie1=1234567890....; cookie2=abcd...; " "http://adevhost/apath/file.sfx?var1=xyz&var2=abc&var3=zyx" Note, client test should have many instances of connections (1000's helpful) with the client re-issuing commands with cookies over long running connections. Curl example is just overview of passing large cookie, not actual test.

cat nginx_leak.conf

worker_processes auto; worker_rlimit_nofile 100000; exacerbates leak

events {

worker_connections 65536; # optimized to serve many clients with each thread, essential for linux use epoll; # accept as many connections as possible multi_accept on;

}

http {

include /etc/nginx/mime.types; default_type application/octet-stream;

# access_log /var/log/nginx/access.log main; rewrite_log on;

keepalive_timeout 30s; keepalive_requests 100000;

proxy_connect_timeout 15s; proxy_send_timeout 15s; proxy_read_timeout 15s; client_body_timeout 15s; client_header_timeout 15s; send_timeout 15s;

expires off; proxy_http_version 1.1; proxy_cache_bypass 1;

proxy_no_cache 1; proxy_set_header Connection "";

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host;

# include /etc/nginx/conf.d/*.conf; # added here for simplification

upstream upstream_leak {

keepalive 300; server 127.0.0.1:8080;

}

server {

listen 80 backlog=1280 default_server ipv6only=off; server_name $hostname;

location ~* \.(sfx)$ {

proxy_pass http://upstream_leak; break;

} location ~ / {

return 403;

}

}

add_header Connection "keep-alive"; add_header Keep-Alive "timeout=15";

}

#2550 duplicate Using the 'sudo ./nginx -t' command results in the issue of the ownership of the 'proxy_temp' and other temporary folders being changed. 333eelrm@…
Description

Hello, I am a DevOps professional from a Chinese company responsible for Nginx product operations. You can call me Peng Li. We encountered the following issue when using Nginx open-source version 1.20.2 in our production environment. On October 12th, we made modifications to the nginx_8000.conf configuration file and executed the 'sudo nginx -t' command. Following this, we noticed that the owner of all temporary files in the nginx directory had been changed to "nobody." Upon consulting the documentation, we discovered that this occurred due to the 'user' directive in the configuration file not being set to the current user.

In light of the above issue, we examined the source code of the '-t' command and have some reservations about its functionality. As a tool for checking and validating Nginx configurations, wouldn't it be more reasonable for 'nginx -t' to produce an error when the user specified in the configuration file via the 'user' directive doesn't match the current owner of the temp files, rather than directly altering the user of the temp folder to "nobody"? We sincerely hope that the official developers can provide us with a detailed explanation. We deeply appreciate your assistance!

#1576 fixed When the file is overwritten by the COPY method under the following conditions, content of copied file is not correct. 373kwsk@…
Description

When the file is overwritten by the COPY method under the following conditions, content of copied file is not correct.

  • OS: CentOS 7.4
  • Nginx Version: 1.12.2 
# nginx
# ps auxf | grep nginx
root     18826  0.0  0.0 112660   972 pts/1    S+   02:45   0:00  |                       \_ grep --color=auto nginx
root     18797  0.0  0.0  46432   988 ?        Ss   02:17   0:00 nginx: master process nginx
nginx    18798  0.0  0.1  46840  2212 ?        S    02:17   0:00  \_ nginx: worker process
# cd /var/lib/nginx
# ls -l
total 0
lrwxrwxrwx. 1 root  root  14 May 15 07:50 dest -> /ext_disk/dest
drwxr-xr-x. 2 nginx nginx 22 May 15 07:59 source
drwxr-xr-x. 2 nginx nginx  6 May 15 07:35 tmp
# ls -l source/.
total 4
-rw-r--r--. 1 nginx nginx 5 May 15 07:40 copy.txt
# cat source/copy.txt
copy
# ls -l dest/.
total 4
-rw-rw-r--. 1 nginx nginx 31 May 16 02:08 copy.txt
# cat dest/copy.txt
123456789012345678901234567890
# curl -XCOPY http://localhost:8080/source/copy.txt -H Destination:/dest/copy.txt
# ls -l source/.
total 4
-rw-r--r--. 1 nginx nginx 5 May 15 07:40 copy.txt
# cat source/copy.txt
copy
# ls -l dest/.
total 4
-rw-rw-r--. 1 nginx nginx 31 May 15 07:40 copy.txt
# cat dest/copy.txt
copy
6789012345678901234567890

I have attached the configuration file, the access log, and the error log at the debug level.

The Overwrite header is not specified (The superscription has been permitted). I expected that the content of "source/copy.txt" and "dest/copy.txt" were equal as a result of COPY.

However, the top part of "dest/copy.txt" is only replaced by "source/copy.txt" . What should I do to get the expected result?

1 2 3 4 5 6 7 8 9 10 11 12 13 14
Batch Modify
Note: See TracBatchModify for help on using batch modify.
Note: See TracQuery for help on using queries.