[tor-dev] OpenBSD in doc/TUNING
libertas at mykolab.com
Tue Nov 4 17:25:18 UTC 2014
-----BEGIN PGP SIGNED MESSAGE-----
I think it would be a good idea to add OpenBSD to doc/TUNING because
its file descriptor limits are a little confusing, and because
promoting OpenBSD relays benefits the Tor network's security.
By default, OpenBSD limits the total number of file descriptors to
7030. This can be changed only by recompiling the kernel:
However, stricter limits are set in /etc/login.conf so that a single
user cannot open all available file descriptors, preventing others
from opening files. In this config file, openfiles-cur is the max upon
login, and openfiles-max is the highest limit that can be set (even
using ulimit -n) without changing /etc/login.conf and restarting.
The _tor user is in the daemon class, at least on my install. You can
check using 'userinfo _tor'. This means that the daemon class rules in
/etc/login.conf also apply to Tor.
See 'man login.conf' and Absolute OpenBSD (2nd Ed.) for more info.
If I recall correctly, my OpenBSD relay maxed out at 1024 before I
changed /etc/login.conf. This agrees with what I'm seeing in
contrib/dist/tor.sh.in, and (again, IIRC) also happened to be the
It's worth noting that contrib/dist/tor.sh.in only checks for the
maximum file descriptor count in /proc/sys/fs/file-max (lines 53-65 on
the master branch), which doesn't exist in OpenBSD, so Tor will
probably default to 1024 regardless of what openfiles-max is.
I'm still a beginner, so let me know if I made any mistakes. Also, let
me know if I should send this to the relays list as well.
I can write up a short draft paragraph if people think this is
accurate and worthwhile. Help is welcome.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
-----END PGP SIGNATURE-----
More information about the tor-dev