Re: [mod-security-users] Nginx mod_security leaks file descriptors
Brought to you by:
victorhora,
zimmerletw
From: Kiril K. <ki...@cl...> - 2013-08-22 12:31:46
|
Done, Regards, Kiril On Aug 22, 2013, at 3:23 PM, Breno Silva wrote: > It looks like an issue we need to check. Could you please add a ticket ? https://github.com/SpiderLabs/ModSecurity > > Thanks > > Breno > > > On Thu, Aug 22, 2013 at 8:26 AM, Kiril Kalchev <ki...@cl...> wrote: > Hi, > > I have a problem with nginx and mod_security module. After reloading nginx configuration (kill -HUP <master-nginx-pid>) all files opened by mod_security are opened once again without closing the old ones. That means at some point we hit the limit of open file descriptors, in my real life scenario I leak over 300 files on each reload. > > Here are my sample configs just to illustrate the problem: > ============================================================ > nginx.conf > user www-data www-data; > worker_processes 6; > worker_rlimit_nofile 200000; > > error_log /var/log/nginx/error.log debug; > > events { > worker_connections 16384; > multi_accept on; > use epoll; > } > > http { > server { > listen 80; > location / { > ModSecurityEnabled on; > ModSecurityConfig modsecurity.conf; > return 555; > } > } > } > > ============================================================ > modsecurity.conf: > > # Debug log > SecDebugLog /var/log/waf/events.log > ============================================================ > > In this situation after each configuration reload I am leaking open files: > > www-data@dev03 ~ # lsof | grep nginx | wc -l; kill -HUP `ps aux | grep 'nginx: master process' | grep -v grep | awk '{print $2}'`; sleep 2; lsof | grep nginx | wc -l > 361 > 368 > > I am using Ubuntu 12.04 LTS and nginx _openresty 1.4.2.1 > > (DEPLOY)www-data@dev03:~# nginx -V > nginx version: ngx_openresty/1.4.2.1 > built by gcc 4.6.3 (Ubuntu/Linaro 4.6.3-1ubuntu5) > TLS SNI support enabled > > I will be happy to provide other information if necessary. > > Regards, > Kiril > > > ------------------------------------------------------------------------------ > Introducing Performance Central, a new site from SourceForge and > AppDynamics. Performance Central is your source for news, insights, > analysis and resources for efficient Application Performance Management. > Visit us today! > http://pubads.g.doubleclick.net/gampad/clk?id=48897511&iu=/4140/ostg.clktrk > _______________________________________________ > mod-security-users mailing list > mod...@li... > https://lists.sourceforge.net/lists/listinfo/mod-security-users > Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: > http://www.modsecurity.org/projects/commercial/rules/ > http://www.modsecurity.org/projects/commercial/support/ > > > ------------------------------------------------------------------------------ > Introducing Performance Central, a new site from SourceForge and > AppDynamics. Performance Central is your source for news, insights, > analysis and resources for efficient Application Performance Management. > Visit us today! > http://pubads.g.doubleclick.net/gampad/clk?id=48897511&iu=/4140/ostg.clktrk_______________________________________________ > mod-security-users mailing list > mod...@li... > https://lists.sourceforge.net/lists/listinfo/mod-security-users > Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: > http://www.modsecurity.org/projects/commercial/rules/ > http://www.modsecurity.org/projects/commercial/support/ |