squid starts as root, but runs as the proxy user, or rather it changes its uid to that after starting (cache_effective_user). So I'm not sure is max_filedesc is effective before or after the chuid. I'll report back if I get the descriptor warning again. Thanks, Sean On 6 December 2011 10:59, Amos Jeffries <squid3@xxxxxxxxxxxxx> wrote: > On 6/12/2011 7:54 p.m., Sean Boran wrote: >> >> Hi, >> >> On squid proxy using the stock Ubuntu squid packages, the file >> descriptors need to be increased. >> >> I found two suggestions: >> >> http://chrischan.blog-city.com/ubuntu_804_lts_increasing_squid_file_descriptors.htm >> but ulimit -n was still 1024 after rebooting. >> (and it also talks about recompiling squid with >> --with-filedescriptors=8192, but Id prefer to keep the stock ubuntu >> package if possible). >> >> This link: >> >> http://www.cyberciti.biz/faq/squid-proxy-server-running-out-filedescriptors/ >> suggests alternative settings in /etc/security/limits.conf >> but "ulimit -a | grep 'open files'" still says 1024 >> >> There was also a suggestion found to set a value in >> /proc/sys/fs/file-max, but the current value was already 392877 >> >> Finally, the second article suggests (for red hat) just setting >> max_filedesc 4096 >> in squid.conf >> and this actually works, i.e. >> "squidclient -p 80 mgr:info | grep 'file descri'" >> reports 4096 >> >> So my question: is the squid.conf sufficient? How is the squid setting >> related to ulimit, if at all? > > > They are related. ulimit sets the OS limits squid can use, > max_filedescriptors (with its alias for RHEL) sets how many Squid tries to > use. > When Squid is run as root or with the right libcap security privileges it > should not need the ulimit, but if in doubt it wont hurt. > > Amos
