Ubuntu 21.10 ulimit(打开文件描述符)无法正确应用

tag-icon tag-icon ubuntu pam limits max-file-descriptors file-descriptors
Ubuntu 21.10 ulimit(打开文件描述符)无法正确应用

这种情况很奇怪,因为我有两台相同的服务器,上面有相同的应用程序,但是

在一台服务器上,我从自定义应用程序收到 ulimit 错误,ulimit error: too many open files但在另一台服务器上,它按预期工作。

我确实确保配置是相同的,但我不知道为什么会这样做。

事实

/etc/systemd/system.conf DefaultLimitNOFILE=100000000:100000000

/etc/systemd/用户.conf DefaultLimitNOFILE=10000000

/etc/security/limits.conf

arserver         soft     nproc          10000000
arserver         hard     nproc          10000000
arserver        soft     nofile         10000000
arserver        hard     nofile         10000000
root soft     nproc          10000000
root hard     nproc          10000000
root soft     nofile         10000000
root hard     nofile         10000000

猫/etc/sysctl.conf

net.core.rmem_default = 65536
net.core.wmem_default = 65536
net.core.rmem_max = 8388608
net.core.wmem_max = 8388608
net.ipv4.tcp_max_orphans = 4096
net.ipv4.tcp_slow_start_after_idle = 0
net.ipv4.tcp_synack_retries = 3
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_reordering = 3
net.ipv4.tcp_fastopen = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.ip_local_port_range = 32768 65535
vm.nr_hugepages = 1250
fs.file-max = 10000000

cat tracelog | grep pam_limits

arserver@arserver03:/carmicli/carmi$ cat testlog1 | grep limits
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/security/pam_limits.so", O_RDONLY|O_CLOEXEC) = 7
openat(AT_FDCWD, "/proc/1/limits", O_RDONLY) = 7
openat(AT_FDCWD, "/etc/security/limits.conf", O_RDONLY) = 7
read(7, "# /etc/security/limits.conf\n#\n#E"..., 4096) = 2345
openat(AT_FDCWD, "/etc/security/limits.d", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 7
openat(AT_FDCWD, "/proc/1/limits", O_RDONLY) = 7
openat(AT_FDCWD, "/etc/security/limits.conf", O_RDONLY) = 7
read(7, "# /etc/security/limits.conf\n#\n#E"..., 4096) = 2345
openat(AT_FDCWD, "/etc/security/limits.d", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 7

ulimit -a ulimit 在重启后在 ulimit 中更新,但应用程序仍然无法启动

arserver@arserver03:/carmicli/carmi$ ulimit -a
real-time non-blocking time  (microseconds, -R) unlimited
core file size              (blocks, -c) 0
data seg size               (kbytes, -d) unlimited
scheduling priority                 (-e) 0
file size                   (blocks, -f) unlimited
pending signals                     (-i) 1030919
max locked memory           (kbytes, -l) 32998380
max memory size             (kbytes, -m) unlimited
open files                          (-n) 1048576
pipe size                (512 bytes, -p) 8
POSIX message queues         (bytes, -q) 819200
real-time priority                  (-r) 0
stack size                  (kbytes, -s) 8192
cpu time                   (seconds, -t) unlimited
max user processes                  (-u) 10000000
virtual memory              (kbytes, -v) unlimited
file locks                          (-x) unlimited

还创建了 systemd 服务,看看是否可以像这样覆盖全局限制

[Unit]
Description=Carmi Miner
After=network.target

[Service]
User=root
WorkingDirectory=/app/carmi/
ExecStart=/app/carmi/app.elf
Restart=on-abnormal

LimitNOFILE=1000000000
LimitNOFILESoft=1000000000

[Install]
WantedBy=multi-user.target

但它仍然失败

Apr 08 14:19:45 arserver app.elf[3553]: ulimit error:  too many open files, possibly.
Apr 08 14:19:45 arserver systemd[1]: app.service: Main process exited, code=exited, status=19/n/a
Apr 08 14:19:45 arserver systemd[1]: app.service: Failed with result 'exit-code'.
Apr 08 14:19:45 arserver systemd[1]: app.service: Consumed 21.420s CPU time.

我还将 pam_limits.so 添加到 pam.d 配置中,因为我读到在非 LSB 版本中某些部分可能会缺失它。将必需项添加到 common_session sudo 和 sshd


arserver@arserver03:/app/app$ grep -r "pam_limit" /etc/pam.d/
/etc/pam.d/cron:session    required   pam_limits.so
/etc/pam.d/login:session    required   pam_limits.so
/etc/pam.d/sshd:session    required     pam_limits.so
/etc/pam.d/sudo:session    required   pam_limits.so
/etc/pam.d/su:session    required   pam_limits.so
/etc/pam.d/common-session:session required        pam_limits.so
/etc/pam.d/common-session-noninteractive:session    required   pam_limits.so
/etc/pam.d/runuser:session      required    pam_limits.so

arserver@arserver03:/carmicli/carmi$ grep -r "pam_limit" /etc/pam.d/
/etc/pam.d/cron:session    required   pam_limits.so
/etc/pam.d/login:session    required   pam_limits.so
/etc/pam.d/sshd:session    required     pam_limits.so
/etc/pam.d/sudo:session    required   pam_limits.so
/etc/pam.d/su:session    required   pam_limits.so
/etc/pam.d/common-session:session required        pam_limits.so
/etc/pam.d/common-session-noninteractive:session    required   pam_limits.so
/etc/pam.d/runuser:session      required    pam_limits.so

过去一周我一直在为这个问题而苦恼,如果有人能帮助我我将非常感激。

转到 ubuntu 20.04 是一个选择,但需要很长时间才能移动数据,所以如果可能的话,我更愿意找出解决方案。

更新

当我sudo su以 root 身份执行此操作时,我遇到了同样的问题,但在 auth 日志中出现了此错误

Apr  8 14:45:31 arserver05 su: pam_limits(su:session): Could not set limit for 'nofile' to soft=10000000, hard=10000000: Operation not permitted; uid=0,euid=0
Apr  8 14:45:31 arserver05 su: pam_limits(su:session): Could not set limit for 'nofile' to soft=10000000, hard=10000000: Operation not permitted; uid=0,euid=0

更新2

无法设置上面的 ulimit1048576

root@arserver03:/home/arserver# ulimit -n 1048576
root@arserver03:/home/arserver# ulimit -n 10485767
bash: ulimit: open files: cannot modify limit: Operation not permitted
root@arserver03:/home/arserver# ulimit -n 1048576

相关内容