[ Jim Jagielski ] > On Sep 27, 2006, at 9:13 AM, Kenneth Svee wrote: > >> [ Jim Jagielski ] >> >>> Kenneth Svee wrote: >>>> >>>> I've ported the old config to Apache 2.2, and we're about 11 >>>> vhosts over the limit on the new build. The 1.3.37-server works. >>>> The 2.2.3-server starts if i comment out 11 vhosts. With 10 >>>> vhosts commented out, the server dumps this to the "global" >>>> error_log, and dies: >>>> >>>> [Tue Sep 26 17:16:41 2006] [error] (24)Too many open files: could >>>> not open mime types config file /our/path/to/mime.types. >>>> Configuration Failed >>>> >>>> With 9 vhosts removed it dies with the following message: >>>> >>>> Unable to open logs >>>> >>>> We used the HIGH_SLACK_LINE-flag for our Apache-2.2.3-build as >>>> well, even though the docs[3] say nothing about it. What's the >>>> proper way to do this for Apache 2.2.3? >>> >>> It doesn't exist in 2.2. >> >> Meaning it will not work, or that it should work automatically? Is >> there a way for me to make it work? > > Apache 2.2 doesn't take any special care in "adjusting" fd's in the > way that the optional slack'ing in Apache 1.3 did. The assumption is > that the admin takes care of ensuring that the kernel allows for > sufficient fd's or, if that's not possible, one configures Apache to > be as lean and mean with fd's as possible (eg: combining all > CustomLogs and ErrorLogs, using worker MPM, etc...) To sum up a bit of work here: The reason why my 2.2-server does not start is because I've got too many VirtualHosts in the config. Apache it self does fine at opening all the logs (last logfile gets fd #274), and goes on to open a couple more (mime.types and a file in /tmp/) before it starts to read the certificate files for the SSL-enabled VirtualHosts. This is where it fails. We use OpenSSL as our SSL-library for mod_ssl. When mod_ssl open the first certificate file via the OpenSSL BIO_new_file() (from crypto/bio/bss_file.c in the OpenSSL source) it uses fopen() to open the certificate file. On Solaris (Solaris 8 at least) fopen() cannot open files when the descriptor is greater than 255 (due to using and unsigned char in the _file-field of the FILE-struct). As Apache has already opened 274 descriptors this fopen() fails, and Apache goes down. Apparently [1] using 64-bit binaries will possibly solve this issue, but this is (for several reasons I won't go into here) not something we can do. The alternatives, as Jim mentions, seem to be to reconfigure the server to combine logs, or split it up to get the number of VirtualHosts down to a manageble level. (And if the certificates could been opened earlier in the startup process, that would probably also solve the issue, but is most likely not a good idea, nor feasible to (re)implement in the server. The problem is 32bit Solaris 8 and OpenSSL, not Apache.) [1] http://sunsolve.sun.com/search/document.do?assetkey=1-30-01406-1 Rgds, Kenneth Svee --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|