[tor-bugs] #13702 [Tor]: Adding OpenBSD to doc/TUNING
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Nov 7 16:50:11 UTC 2014
#13702: Adding OpenBSD to doc/TUNING
-----------------------------------------+---------------------------------
Reporter: mmcc | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone:
Component: Tor | Version: Tor:
Keywords: OpenBSD, tuning, doc/TUNING | unspecified
Parent ID: | Actual Points:
| Points:
-----------------------------------------+---------------------------------
As described in the below draft, OpenBSD is a little more persnickety
about maximum file descriptor counts than most OSs. It's also the most-
used Unix OS not listed in doc/TUNING thus far, so it makes sense to
include it.
I wrote the below section, which turned out to be a little long. Please
let me know what you think of it; I'd be fine cutting much of it out or
doing a total rewrite if that's the best option.
-------
OpenBSD
-------
For recent versions of OpenBSD (5.5 and 5.6, and probably older releases
as well), the maximum number of file descriptors that can be opened is
7030:
http://unix.stackexchange.com/questions/104929/does-openbsd-have-a-limit-
to-the-number-of-file-descriptors/104948#104948
This limit is kernel-level. To change it, you would have to modify the
relevant constants and recompile the kernel.
However, there are stricter limits set on users. This is a security
feature intended to prevent one user from choking out others by opening
all possible file descriptors.
The stricter limits are set in /etc/login.conf. This config file sets
resource access rules for user classes. You should be running
Tor as a non-privileged daemon user '_tor', which belongs to the 'daemon'
class. It will therefore be subject to the 'default' and 'daemon' rules.
There are two relevant rules: openfiles-cur and openfiles-max. The prior
is the initial limit upon login - the soft limit. The latter is the
maximum limit
that can be set using 'ulimit -n' or setrlimit() without editing
/etc/login.conf and
rebooting. This is known as the hard limit.
Without editing /etc/login.conf, daemon-owned processes have a
soft limit of 512 open files and a hard limit
of 1024 open files. Tor can increase the soft limit as needed, so
you will therefore eventually get warnings about running
out of available file descriptors once Tor reaches ~1024 open files.
To increase the hard limit, add the following line to the daemon class
rules in /etc/login.conf:
:openfiles-max=6500:\
Upon restarting the machine, Tor will be able to open up to 6500 file
descriptors.
Be aware that, by doing this, you are bypassing a security and stability
feature of the OS. If you are running your relay on a weak or old system,
watch
your system load to ensure that it can handle this many open files.
Also, Tor may interfere with any other programs that open many files.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13702>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list