On 21/06/2014 4:58 a.m., Fernando Lozano wrote: > Hi James, > > >> On 2014-06-20 09:10, amaury@xxxxxx wrote: >>> I had configured >>> /etc/security/limits.conf >>> squid soft nofile >>> 16384 >>> squid hard nofile 16384 >>> root soft nofile 16384 >>> >>> root hard nofile 16384 >>> >>> but to resolve the problem I have to add >>> into /et/init.d/squid >>> #set fildedescriptor >>> set -e >>> ulimit -n 16384 >>> >>> >>> thank Eliezer >> >> I've found that adding: >> >> * - nofile 16384 >> >> To limits.conf works as well. > > That's expected: /etc/init.d/squid doesn't honors limits.conf. But you > changed the limit for all users, root will get then and so will squid > when started. > > That's why I told you to put an ulimit command on /etc/sysconfig/squid, > so you can increase the limit just for squid and not for the whole system. > > > []s, Fernando Lozano > Just to explain this so people know... When you run "squid" the binary which is manually (or by the OS startup scripts) run is a daemon manager process. That needs running as root user so it can do things like reading the system config files and opening privileged socket types. Only when that is all done does it drop back to the low privilege "squid"/"proxy" account. Which means when the security/limits.conf are being loaded it is the "root" user account. Amos
