Ubuntu
squid package

Squid no longer uses $SQUID_MAXFD

Bug #580590 reported by Ian Redfern
26
This bug affects 4 people
Affects Status Importance Assigned to Milestone
squid (Ubuntu)
Confirmed
Wishlist
Unassigned

Bug Description

Binary package hint: squid

After upgrading to lucid, squid ignores the setting of SQUID_MAXFD in /etc/default/squid and always uses 1024 file descriptors, which is too few for a busy proxy.

The old /etc/init.d/squid used to contain:

maxfds () {
        [ -n "$SQUID_MAXFD" ] || return
        [ -f /proc/sys/fs/file-max ] || return 0
        global_file_max=`cat /proc/sys/fs/file-max`
        minimal_file_max=$(($SQUID_MAXFD + 4096))
        if [ "$global_file_max" -lt $minimal_file_max ]
        then
                echo $minimal_file_max > /proc/sys/fs/file-max
        fi
        ulimit -n $SQUID_MAXFD
}

Could we have it back in the new /etc/init/squid.conf?

Tags: patch

Related branches

lp:ubuntu/maverick/squid

CVE References

Revision history for this message
Chuck Short (zulcss) wrote :

This will be fixed in maverick.

chuck

Changed in squid (Ubuntu):
importance: Undecided → Wishlist
status: New → Confirmed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package squid - 2.7.STABLE9-2ubuntu1

---------------
squid (2.7.STABLE9-2ubuntu1) maverick; urgency=low

  * Merge from debian unstable, remaining changes:
    + 99-ubuntu-ssl-cert-snakeoil:
      - src/cf.data.pre:
        * Add reference to snakeoil /etc/ssl
       - debian/control:
        + Add ssl-cert to Depends to brin in snakeoil certificates.
    + debian/logrotate: use sarg-reports rather than sarg-maint. (LP: #268816)
    + debian/patches/99-fix-storeurl-move-temp.dpatch: Fix bug with 302 response moved temporarily.
      (LP: #503777)
    + debian/squid.upstart, debian/rules: Convert initscripts to upstart.
    + debian/patches/90-cf.data.ubuntu.dpatch: Add an example refresh pattern for debs
      (foundations-lucid-local-report spec)
    + debian/rules: Disable optimizations for arm. (LP: #543798)
    + Dropped:
      + debian/patches/99-squid-capability.dpatch: No longer needed.
      + debian/patches/08-CVE-2010-0308.dpatch: No longer needed.
      + debian/patches/09-CVE-2010-0639.dpatch: No longer needed.

   [Chuck Short]
   * debian/squid.upstart: Re-add maxfds. (LP: #580590)
 -- Chuck Short <email address hidden> Fri, 02 Jul 2010 13:43:09 -0400

Changed in squid (Ubuntu):
status: Confirmed → Fix Released
Revision history for this message
bec (support-bec) wrote :

After testing the changes in the squid upstart configuration introduced by commit 51, package squid (2.7.STABLE9-2ubuntu1) maverick, it seems that the max filedescriptors ulimit is still not applied.
Setting the ulimit using the "script" section (instead of setting it in the "pre-start script" section) works.

Chris Jones (cmsj)
Changed in squid (Ubuntu):
status: Fix Released → Confirmed
Revision history for this message
Tim Nicholas (tjn) wrote :

Fix Released? I can't see anything that looks like a fix. Can someone post a link? Maybe I'm just not working launchpad properly.

As Rober Fischer The maxfds() subroutine needs to be in the 'script' section...

Or something like

limit nofile 65536 65536

could be added above 'expect fork'.

I've attached my working /etc/init/squid.conf

Revision history for this message
Andrew Glen-Young (aglenyoung) wrote :

Steps to reproduce
==================

Initial Install and Tests
-------------------------

$ sudo apt-get install squid squid-client
$ grep MAX /etc/default/squid·
SQUID_MAXFD=1024
$ sudo status squid
squid start/running, process 2671
$ squidclient -p 3128 -l 127.0.0.1 -h 127.0.0.1 mgr:info | grep 'Maximum number'
    Maximum number of file descriptors: 1024

Change SQUID_MAXFD and try again
--------------------------------

$ sudo sed -i 's/SQUID_MAXFD=1024/SQUID_MAXFD=65536/' /etc/default/squid
$ grep MAX /etc/default/squid·
SQUID_MAXFD=65536
$ sudo stop squid
squid stop/waiting
$ sudo start squid
squid start/running, process 2758
$ squidclient -p 3128 -l 127.0.0.1 -h 127.0.0.1 mgr:info | grep 'Maximum number'
    Maximum number of file descriptors: 1024

Apply the patch (attached) and retry:
-------------------------------------

$ sudo vi /etc/init/squid.conf
[ patch ]
$ sudo status squid
squid stop/waiting
$ sudo start squid
squid start/running, process 2794
$ squidclient -p 3128 -l 127.0.0.1 -h 127.0.0.1 mgr:info | grep 'Maximum number'
    Maximum number of file descriptors: 65536

That's more like it!

Note: LP#573853 was affecting me as well so I'm also running squid on Lucid with this patch applied as well.

Brian Murray (brian-murray)
tags: added: patch
Revision history for this message
DiegoWoitasen (diego-woitasen) wrote :

The bug still exists in 11.10

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.