#702 closed defect (invalid)
too many open files (/dev/urandom)
| Reported by: | Bruno Bigras | Owned by: | |
|---|---|---|---|
| Priority: | minor | Milestone: | |
| Component: | nginx-core | Version: | 1.7.x |
| Keywords: | Cc: | ||
| uname -a: | Linux ubuntunew 3.13.0-44-generic #73-Ubuntu SMP Tue Dec 16 00:23:46 UTC 2014 i686 i686 i686 GNU/Linux | ||
| nginx -V: |
nginx version: nginx/1.7.9
built by gcc 4.8.2 (Ubuntu 4.8.2-19ubuntu1) TLS SNI support enabled configure arguments: --prefix=/etc/nginx --add-module=/home/bbigras/nginx/nginx-1.7.9/debian/modules/naxsi/naxsi_src --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-http_ssl_module --with-http_realip_module --with-http_addition_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_random_index_module --with-http_secure_link_module --with-http_stub_status_module --with-http_auth_request_module --without-mail_pop3_module --without-mail_imap_module --without-mail_smtp_module --add-module=/home/bbigras/nginx/nginx-1.7.9/debian/modules/ngx_http_auth_pam_module-1.2 --add-module=/home/bbigras/nginx/nginx-1.7.9/debian/modules/ngx_http_enhanced_memcached_module --with-file-aio --with-http_spdy_module --with-cc-opt='-g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security' --with-ld-opt='-Wl,-Bsymbolic-functions -Wl,-z,relro' --with-ipv6 |
||
Description
I have this problem where nginx stops accepting requests and I see 'too many files open' in the logs.
When I use ls -l /proc/<pid of one worker>/fd, I see a lot of /dev/urandom entries.
It seems that when I access a vhost that uses fastcgi (nagios and gitweb), the number of urandom entries increase and doesn't get released.
I don't know what to do next.
Change History (4)
comment:1 by , 9 years ago
comment:2 by , 9 years ago
I don't have the problem when I don't have any 3rd-party modules.
I tested and the problem seems to be caused by Auth PAM. I'll try to contact the author.
comment:3 by , 9 years ago
| Resolution: | → invalid |
|---|---|
| Status: | new → closed |
Please also note that the module uses the PAM library which doesn't have asynchronous API, so it can block event loop and significantly degrade performance of nginx.
I close this ticket as the issue is caused by 3rd-party code.
comment:4 by , 9 years ago
Thanks for the tip. I'll try nginx-auth-ldap instead.
Just in case someone find this bug one day. There was a similar problem with OpenVPN with LDAP+TLS in 2009.
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=543941
http://thread.gmane.org/gmane.comp.encryption.gpg.libgcrypt.devel/2125
Could you reproduce the problem without 3rd-party modules?