andykimpe / rpms / 389-ds-base

Forked from rpms/389-ds-base 5 months ago
Clone

Blame SOURCES/0024-Issue-49990-Need-to-enforce-a-hard-maximum-limit-for.patch

8394b4
From 34c90ca8448890a439aa4282025955b0dfcfb1c3 Mon Sep 17 00:00:00 2001
8394b4
From: Mark Reynolds <mreynolds@redhat.com>
8394b4
Date: Thu, 23 Jan 2020 14:38:13 -0500
8394b4
Subject: [PATCH 01/12] Issue 49990 - Need to enforce a hard maximum limit for
8394b4
 file descriptors
8394b4
8394b4
Description: on some platforms the maximum FD limit is high it can cause
8394b4
             a OOM at server startup.  So we need to add a hard maximum
8394b4
             limit.
8394b4
8394b4
relates: https://pagure.io/389-ds-base/issue/49990
8394b4
8394b4
Reviewed by: firstyear & tbordaz (Thanks!!)
8394b4
---
8394b4
 ldap/servers/slapd/libglobs.c | 10 +++++++---
8394b4
 ldap/servers/slapd/slap.h     |  4 ++--
8394b4
 2 files changed, 9 insertions(+), 5 deletions(-)
8394b4
8394b4
diff --git a/ldap/servers/slapd/libglobs.c b/ldap/servers/slapd/libglobs.c
8394b4
index 66170ebc6..348de43cd 100644
8394b4
--- a/ldap/servers/slapd/libglobs.c
8394b4
+++ b/ldap/servers/slapd/libglobs.c
8394b4
@@ -1559,7 +1559,9 @@ FrontendConfig_init(void)
8394b4
 #endif
8394b4
     /* Default the maximum fd's to the maximum allowed */
8394b4
     if (getrlimit(RLIMIT_NOFILE, &rlp) == 0) {
8394b4
-        maxdescriptors = (int64_t)rlp.rlim_max;
8394b4
+        if ((int64_t)rlp.rlim_max < SLAPD_DEFAULT_MAXDESCRIPTORS) {
8394b4
+            maxdescriptors = (int64_t)rlp.rlim_max;
8394b4
+        }
8394b4
     }
8394b4
 
8394b4
     /* Take the lock to make sure we barrier correctly. */
8394b4
@@ -4324,7 +4326,7 @@ config_set_maxdescriptors(const char *attrname, char *value, char *errorbuf, int
8394b4
 {
8394b4
     int32_t retVal = LDAP_SUCCESS;
8394b4
     int64_t nValue = 0;
8394b4
-    int64_t maxVal = 524288;
8394b4
+    int64_t maxVal = SLAPD_DEFAULT_MAXDESCRIPTORS;
8394b4
     struct rlimit rlp;
8394b4
     char *endp = NULL;
8394b4
 
8394b4
@@ -4335,7 +4337,9 @@ config_set_maxdescriptors(const char *attrname, char *value, char *errorbuf, int
8394b4
     }
8394b4
 
8394b4
     if (0 == getrlimit(RLIMIT_NOFILE, &rlp)) {
8394b4
-        maxVal = (int)rlp.rlim_max;
8394b4
+        if ((int64_t)rlp.rlim_max < maxVal) {
8394b4
+            maxVal = (int64_t)rlp.rlim_max;
8394b4
+        }
8394b4
     }
8394b4
 
8394b4
     errno = 0;
8394b4
diff --git a/ldap/servers/slapd/slap.h b/ldap/servers/slapd/slap.h
8394b4
index 44f6be97a..96ce7d402 100644
8394b4
--- a/ldap/servers/slapd/slap.h
8394b4
+++ b/ldap/servers/slapd/slap.h
8394b4
@@ -348,8 +348,8 @@ typedef void (*VFPV)(); /* takes undefined arguments */
8394b4
 
8394b4
 #define SLAPD_DEFAULT_PAGEDSIZELIMIT 0
8394b4
 #define SLAPD_DEFAULT_PAGEDSIZELIMIT_STR "0"
8394b4
-#define SLAPD_DEFAULT_MAXDESCRIPTORS 8192
8394b4
-#define SLAPD_DEFAULT_MAXDESCRIPTORS_STR "8192"
8394b4
+#define SLAPD_DEFAULT_MAXDESCRIPTORS 1048576
8394b4
+#define SLAPD_DEFAULT_MAXDESCRIPTORS_STR "1048576"
8394b4
 #define SLAPD_DEFAULT_MAX_FILTER_NEST_LEVEL 40
8394b4
 #define SLAPD_DEFAULT_MAX_FILTER_NEST_LEVEL_STR "40"
8394b4
 #define SLAPD_DEFAULT_GROUPEVALNESTLEVEL 0
8394b4
-- 
8394b4
2.21.1
8394b4