squid3 open file descriptors limit is set incorrectly

Bug #986159 reported by Timur Irmatov
32
This bug affects 5 people
Affects Status Importance Assigned to Milestone
squid3 (Ubuntu)
Fix Released
Medium
Unassigned
Precise
Fix Released
Medium
Unassigned

Bug Description

As far as I can see, upstart configuration file for squid3 tries to raise limit of open file descriptors to 65535 in pre-start script. Apparently, this is not working as expected, because squid3 starts and reports 'With 1024 file descriptors available' in cache.log

Moving ulimit -n 65535 to script section that starts squid itself solves this. Patch to /etc/init/squid3.conf:

--- squid3.conf 2012-04-20 17:37:12.636701094 +0500
+++ squid3.conf.new 2012-04-20 17:37:04.624866173 +0500
@@ -47,9 +47,6 @@
  then
   /usr/sbin/squid3 $SQUID_ARGS -z -f $CONFIG
  fi
-
- umask 027
- ulimit -n 65535
 end script

 script
@@ -57,5 +54,7 @@
   . /etc/default/squid3
  fi

+ umask 027
+ ulimit -n 65535
  exec /usr/sbin/squid3 -N $SQUID_ARGS -f $CONFIG
 end script

P.S. System is Ubuntu 12.04 fully updated as of 2012-04-20.

Timur Irmatov (irmatov)
description: updated
Revision history for this message
Robie Basak (racb) wrote :

Bug and fix verified.

Changed in squid3 (Ubuntu):
status: New → Triaged
Revision history for this message
Robie Basak (racb) wrote :

Timur,

Thank you for taking the time to report this bug and helping to make Ubuntu better.

Unfortunately, we're in Final Freeze at the moment (https://wiki.ubuntu.com/FinalFreeze), pending the imminent release next week.

I wonder if you can give us any information on the impact of this bug? If we release without this fix, how many people are likely to be affected? Do you think this bug is severe enough to warrant a freeze exception?

I think that this bug won't affect most users, and of course there's an easy workaround by fixing the config file by hand, so it probably doesn't justify a freeze exception. Or is this inaccurate?

The alternatives are to either issue a Stable Release Update after release (https://wiki.ubuntu.com/StableReleaseUpdates), or to defer the fix until the next release.

Thanks,

Robie

Revision history for this message
Steve Beattie (sbeattie) wrote :

Hi,

I've attached a debidff to bug 986314 that addresses that issue as well as this one for an SRU.

Steve Beattie (sbeattie)
Changed in squid3 (Ubuntu):
importance: Undecided → Medium
Revision history for this message
Micah Gersten (micahg) wrote :

Waiting in unapproved for precise-proposed

Changed in squid3 (Ubuntu Precise):
importance: Medium → Undecided
status: Triaged → Fix Committed
importance: Undecided → Medium
Revision history for this message
Timur Irmatov (irmatov) wrote : Re: [Bug 986159] Re: squid3 open file descriptors limit is set incorrectly

On Fri, Apr 20, 2012 at 9:29 PM, Robie Basak <email address hidden> wrote:
> I wonder if you can give us any information on the impact of this bug?
> If we release without this fix, how many people are likely to be
> affected? Do you think this bug is severe enough to warrant a freeze
> exception?

> I think that this bug won't affect most users, and of course there's an
> easy workaround by fixing the config file by hand, so it probably
> doesn't justify a freeze exception. Or is this inaccurate?

I agree. Squid is a server side application and most system
administrators running heavy proxy are aware of file descriptor issues
and easily can make necessary changes themselves.

> The alternatives are to either issue a Stable Release Update after
> release (https://wiki.ubuntu.com/StableReleaseUpdates), or to defer the
> fix until the next release.

That would be great.

--
Timur Irmatov, xmpp:<email address hidden>

Revision history for this message
Martin Pitt (pitti) wrote : Please test proposed package

Hello Timur, or anyone else affected,

Accepted squid3 into precise-proposed. The package will build now and be available in a few hours. Please test and give feedback here. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you in advance!

tags: added: verification-needed
Revision history for this message
Sebastien Bacher (seb128) wrote :

Could someone verify that fix so the update can be moved out of staging where it's waiting?

Revision history for this message
Timur Irmatov (irmatov) wrote :

We will receive a new hardware for our proxy server in the coming days. Then we'll test new package and report back.

As we are here, may be it is better to use upstart's directives (umask and limit) for these things?

Revision history for this message
Timur Irmatov (irmatov) wrote :

I can confirm that squid3 installed from precise-proposed (3.1.19-1ubuntu3) has open files limit correctly set to 65535.

tags: added: verification-done
removed: verification-needed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package squid3 - 3.1.19-1ubuntu3

---------------
squid3 (3.1.19-1ubuntu3) precise-proposed; urgency=low

  * debian/rules: re-enable all hardening options lost in the
    squid->squid3 transition (LP: #986314)
  * debian/squid3.upstart: move ulimit command to script section
    so that it applies to the started squid daemon. Thanks to Timur
    Irmatov (LP: #986159)
 -- Steve Beattie <email address hidden> Fri, 20 Apr 2012 11:09:46 -0700

Changed in squid3 (Ubuntu Precise):
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package squid3 - 3.1.19-1ubuntu3.1

---------------
squid3 (3.1.19-1ubuntu3.1) quantal; urgency=low

  * debian/rules: re-enable all hardening options lost in the
    squid->squid3 transition (LP: #986314)
  * debian/squid3.upstart: move ulimit command to script section
    so that it applies to the started squid daemon. Thanks to Timur
    Irmatov (LP: #986159)
 -- Jamie Strandboge <email address hidden> Wed, 13 Jun 2012 09:06:51 -0500

Changed in squid3 (Ubuntu):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.