From 6da042d7c6e516cb9044f24f33df2a683c7de8fe Mon Sep 17 00:00:00 2001 From: Uri Simchoni Date: Mon, 22 Jun 2015 06:38:04 +0300 Subject: [PATCH] winbindd: set file descriptor limit according to configuration Set the winbindd process file descriptor limit according to the values that affect it in the configuration: - Maximum number of clients - Number of outgoing connections per domain BUG: https://bugzilla.samba.org/show_bug.cgi?id=11397 Signed-off-by: Uri Simchoni Reviewed-by: Jeremy Allison Reviewed-by: Volker Lendecke --- source3/include/local.h | 4 ++++ source3/winbindd/winbindd.c | 31 +++++++++++++++++++++++++++++++ 2 files changed, 35 insertions(+) diff --git a/source3/include/local.h b/source3/include/local.h index 5963eb06747..7f97d4ece9c 100644 --- a/source3/include/local.h +++ b/source3/include/local.h @@ -204,4 +204,8 @@ /* Maximum size of RPC data we will accept for one call. */ #define MAX_RPC_DATA_SIZE (15*1024*1024) +/* A guestimate of how many domains winbindd will be contacting */ +#ifndef WINBIND_MAX_DOMAINS_HINT +#define WINBIND_MAX_DOMAINS_HINT 10 +#endif #endif diff --git a/source3/winbindd/winbindd.c b/source3/winbindd/winbindd.c index 4ffe79c41fa..defc9cca1d9 100644 --- a/source3/winbindd/winbindd.c +++ b/source3/winbindd/winbindd.c @@ -48,6 +48,7 @@ static bool client_is_idle(struct winbindd_cli_state *state); static void remove_client(struct winbindd_cli_state *state); +static void winbindd_setup_max_fds(void); static bool opt_nocache = False; static bool interactive = False; @@ -145,6 +146,7 @@ static bool reload_services_file(const char *lfile) reopen_logs(); load_interfaces(); + winbindd_setup_max_fds(); return(ret); } @@ -1130,6 +1132,35 @@ char *get_winbind_priv_pipe_dir(void) return state_path(WINBINDD_PRIV_SOCKET_SUBDIR); } +static void winbindd_setup_max_fds(void) +{ + int num_fds = MAX_OPEN_FUDGEFACTOR; + int actual_fds; + + num_fds += lp_winbind_max_clients(); + /* Add some more to account for 2 sockets open + when the client transitions from unprivileged + to privileged socket + */ + num_fds += lp_winbind_max_clients() / 10; + + /* Add one socket per child process + (yeah there are child processes other than the + domain children but only domain children can vary + with configuration + */ + num_fds += lp_winbind_max_domain_connections() * + (lp_allow_trusted_domains() ? WINBIND_MAX_DOMAINS_HINT : 1); + + actual_fds = set_maxfiles(num_fds); + + if (actual_fds < num_fds) { + DEBUG(1, ("winbindd_setup_max_fds: Information only: " + "requested %d open files, %d are available.\n", + num_fds, actual_fds)); + } +} + static bool winbindd_setup_listeners(void) { struct winbindd_listen_state *pub_state = NULL; -- 2.11.4.GIT