Changing ulimit for debian-tor
The limit to open files is set to 1024 by default in my system. So it is for the "debian-tor" user, too. It seems to me a bit low. I tried to rise it a whit through "sudo" and getting a shell for debian-tor, but it doesn't work. Can I use PAM-LIMIT with tor ? If not, how can I set ulimit for debian-tor when booting ? And when restarting tor ? BTW, may the open files ulimit preclude a relay to get the "guard" flag ? thanks in advance, Lluís Spain
On Wed, 10 Dec 2014, Lluís wrote:
If not, how can I set ulimit for debian-tor when booting ? And when restarting tor ?
If you run tor from the init script (service tor (re)start), the init script will set higher limits. It will try to pick something reasonable based on the total number of file-descriptors on your system. see /etc/init.d/tor. -- | .''`. ** Debian ** Peter Palfrader | : :' : The universal http://www.palfrader.org/ | `. `' Operating System | `- http://www.debian.org/
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hi, Lluís. I think the ulimit is set on a per-process basis, inherited from the parent process, so raising it in another shell won't change anything. This can be seen by opening two terminals on a local machine or two SSH sessions on a remote machine and toying with the ulimits. Tor can generally raise the limits itself, though, when started as root. Can you post the error message that caused you to ask this question, and tell us how you start Tor? On 12/10/2014 05:03 PM, Lluís wrote:
The limit to open files is set to 1024 by default in my system. So it is for the "debian-tor" user, too. It seems to me a bit low.
I tried to rise it a whit through "sudo" and getting a shell for debian-tor, but it doesn't work.
Can I use PAM-LIMIT with tor ? If not, how can I set ulimit for debian-tor when booting ? And when restarting tor ?
BTW, may the open files ulimit preclude a relay to get the "guard" flag ?
thanks in advance,
Lluís Spain _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJUiMgxAAoJELxHvGCsI27N860QAKoryfHQZVTAAqrwEKrW5IVz hWOu5Mnisvn+M81ZPgsdqw25Jz2Tjidw3J+TqIjlNTfid5y5RwTMNKQsbbPjL4B9 AD0GP0/kChKrf+1YVpi5jWedKDvZrRlSTTRPzQcZSyg8+LLEJQAgiZr2DI0LqSZR tk6WxP6oSCQdvrTF/JT8AvE2HYDTK4A/PHft48ZYPNgzH0mS8oyWOdmVuHB7FCZz ySk29pR0NBSlBrp0J7uJn0UGQUo4d9K5vdQwY6WkTZN6iE0rjqUm77p/QEMRyd5F 0xWfWqYg6wipf/3GJ1Oj1faebvuZGgcjK3rsBb0ATFkIKoioufxJfNxLkbHnbwMD CkAcdsqz7rAcNFqAs1m4JEgktbybkyzBqDKpuz2TpO9zHcnElesjmeeElZlj3yb6 Lj+8vcbJCIaq3NSSAySQ/piwhQX5kEtQFLyBo6+JUv60e5IjLm7/uLu5FJTGtUiP 5iBJbH/lsfUhDLRlwiloBFZBVUV9CigQmJqPQ8TIt6ZBJ/gyg2COAKuQfCH2HRMH beJxsvFCMWBD+Sgi52Nk7M0TtyliKCVQXYFyEaYkg6ynwb6TIwNrx53XurGK+diQ DdzLONkAk3XzFxouesjTLhCLOcoJLd/jCh3xPZNmhml6key+MleKSLRHTec3WME/ YbQp5qqoNjWAUKpkn6Wu =eVVP -----END PGP SIGNATURE-----
Hello everyone,
Tor can generally raise the limits itself, though, when started as root. Can you post the error message that caused you to ask this question ?
There's no error message, I followed this thread: "Tor Server - DDOS or High Load" there were talking about ulimits and I checked mine. I also have to confess that there is no rc_ulimit="-n NNNNNN" option in my torrc file.
and tell us how you start Tor?
I start tor as the "debian-tor" user and with the delivered tools, that is: /etc/init.d/tor start Besides that, it seems to be very difficult for my relay (nickname ione) to get the "guard" flag, and I wondered if it may have any relation. Thanks in advance, Lluís
Libertas: Hi, Lluís.
I think the ulimit is set on a per-process basis, inherited from the parent process, so raising it in another shell won't change anything. This can be seen by opening two terminals on a local machine or two SSH sessions on a remote machine and toying with the ulimits.
Tor can generally raise the limits itself, though, when started as root. Can you post the error message that caused you to ask this question, and tell us how you start Tor?
On 12/10/2014 05:03 PM, Lluís wrote:
The limit to open files is set to 1024 by default in my system. So it is for the "debian-tor" user, too. It seems to me a bit low.
I tried to rise it a whit through "sudo" and getting a shell for debian-tor, but it doesn't work.
Can I use PAM-LIMIT with tor ? If not, how can I set ulimit for debian-tor when booting ? And when restarting tor ?
BTW, may the open files ulimit preclude a relay to get the "guard" flag ?
thanks in advance,
Lluís Spain _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
_______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
On Thu, Dec 11, 2014 at 2:56 AM, Lluís <msl12@sde12.jazztel.es> wrote:
Hello everyone,
Tor can generally raise the limits itself, though, when started as root. Can you post the error message that caused you to ask this question ?
There's no error message, I followed this thread:
"Tor Server - DDOS or High Load"
there were talking about ulimits and I checked mine.
I also have to confess that there is no
rc_ulimit="-n NNNNNN"
option in my torrc file.
and tell us how you start Tor?
I start tor as the "debian-tor" user and with the delivered tools, that is:
/etc/init.d/tor start
Besides that, it seems to be very difficult for my relay (nickname ione) to get the "guard" flag, and I wondered if it may have any relation.
You are setting your BandwidthRate to 256K - it will never get the Guard flag. If you raise the rate limiting, it might get the flag in time (if the bandwidth rate is higher than a critical number of nodes) -Jeremy
Where can I read about the conditions to get the guard flag ? Lluís Jeremy Olexa:
On Thu, Dec 11, 2014 at 2:56 AM, Lluís <msl12@sde12.jazztel.es> wrote:
Hello everyone,
Tor can generally raise the limits itself, though, when started as root. Can you post the error message that caused you to ask this question ?
There's no error message, I followed this thread:
"Tor Server - DDOS or High Load"
there were talking about ulimits and I checked mine.
I also have to confess that there is no
rc_ulimit="-n NNNNNN"
option in my torrc file.
and tell us how you start Tor?
I start tor as the "debian-tor" user and with the delivered tools, that is:
/etc/init.d/tor start
Besides that, it seems to be very difficult for my relay (nickname ione) to get the "guard" flag, and I wondered if it may have any relation.
You are setting your BandwidthRate to 256K - it will never get the Guard flag. If you raise the rate limiting, it might get the flag in time (if the bandwidth rate is higher than a critical number of nodes) -Jeremy _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
On December 12, 2014 12:49:58 PM Lluís <msl12@sde12.jazztel.es> wrote: Hi,
Where can I read about the conditions to get the guard flag ?
If you are looking for details you may want to check out: https://gitweb.torproject.org/torspec.git/tree/dir-spec.txt
Jeremy Olexa:
On Thu, Dec 11, 2014 at 2:56 AM, Lluís <msl12@sde12.jazztel.es> wrote:
Hello everyone,
Tor can generally raise the limits itself, though, when started as root. Can you post the error message that caused you to ask this question ?
There's no error message, I followed this thread:
"Tor Server - DDOS or High Load"
there were talking about ulimits and I checked mine.
I also have to confess that there is no
rc_ulimit="-n NNNNNN"
option in my torrc file.
and tell us how you start Tor?
I start tor as the "debian-tor" user and with the delivered tools, that is:
/etc/init.d/tor start
Besides that, it seems to be very difficult for my relay (nickname ione) to get the "guard" flag, and I wondered if it may have any relation.
You are setting your BandwidthRate to 256K - it will never get the Guard flag. If you raise the rate limiting, it might get the flag in time (if the bandwidth rate is higher than a critical number of nodes) -Jeremy _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
_______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
-- Sincerely yours / Sincères salutations Sebastian Urbach ----------------------------------------- Definition of Tor: 10% luck, 20% skill, 15% concentrated power of will, 5% pleasure, 50% pain and 100% reason to remember the name! -----------------------------------------
participants (5)
-
Jeremy Olexa -
Libertas -
Lluís -
Peter Palfrader -
Sebastian Urbach