On 2011/07/09 09:45, Claudio Jeker wrote: > On Sat, Jul 09, 2011 at 06:51:04AM +0100, Stuart Henderson wrote: > > On 2011/07/08 20:51, Henning Brauer wrote: > > > CVSROOT: /cvs > > > Module name: src > > > Changes by: henn...@cvs.openbsd.org 2011/07/08 20:51:18 > > > > > > Modified files: > > > usr.sbin/bgpd : rde.c session.c > > > > > > Log message: > > > remove that rlimit code, rc.d and login classes do it much betterer these > > > days. screaming bob ok claudio > > > > > > > Similar code is in a few other places, if it's going from bgpd it > > should be zapped there too. Should we add login.conf sections for > > bgpd, ftp-proxy, inetd, relayd, smtpd and spamd, or just bump > > the default openfiles-cur for daemon to 512 or something and > > maybe add sections for a few daemons that might still have > > trouble with 512 (partly to help with the limits, and partly > > to show people how it's done)? > > At least spamd does set the openfiles-cur based on the maximum number of > connections a users specifies. That code is OK. Daemons setting the limit > to infinity on the otherhands are not.
Should we give an example for at least bgpd? 128 FDs is a bit tight for a peering router and we could do with having at least one daemon shown in login.conf as an example of how to configure this. Index: login.conf.in =================================================================== RCS file: /cvs/src/etc/login.conf.in,v retrieving revision 1.3 diff -u -p -r1.3 login.conf.in --- login.conf.in 17 Dec 2010 05:33:06 -0000 1.3 +++ login.conf.in 26 Jul 2011 12:31:02 -0000 @@ -84,3 +84,10 @@ authpf:\ :welcome=/etc/motd.authpf:\ :shell=/usr/sbin/authpf:\ :tc=default: + +# +# Override resource limits for certain daemons started by rc.d(8) +# +bgpd:\ + :openfiles-cur=512:\ + :tc=daemon: