dovecot - May 2006 - Apple Mail and too many open files?

Hello,

For two days in a row, I've noticed that my dovecot server (hosted on  
a PowerMac running OS X) has stopped working, with a bunch of error  
messages in /var/log/mail.log like:
May 24 07:31:10 top dovecot: pipe() failed: Too many open files

To solve this, I have to kill -9 dovecot and the (many) imap   
processes running.

The only client accessing the server is a machine running Apple Mail.  
I tried to increase the limit in the number of files (I did a  
"launchctl limit maxfiles 1024 unlimited", but the problem still  
happened.

Is this a known problem? Should I allow still more files?

Thanks,

Alan

-- 
Alan Schmitt <http://alan.petitepomme.net/>

The hacker: someone who figured things out and made something cool  
happen.
.O.
..O
OOO


-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 186 bytes
Desc: This is a digitally signed message part
URL:
<http://dovecot.org/pipermail/dovecot/attachments/20060524/60bf30ba/attachment.bin>

Alan,

On Wed, May 24, 2006 at 07:42:34AM +0200, Alan Schmitt
wrote:
> Hello,
> 
> For two days in a row, I've noticed that my dovecot server (hosted on  
> a PowerMac running OS X) has stopped working, with a bunch of error  
> messages in /var/log/mail.log like:
> May 24 07:31:10 top dovecot: pipe() failed: Too many open files
How many is a bunch?

Dovecot once died on me after an upgrade, because the logfile had filled
up the 7Gb partition with millions of these errors:

dovecot: Feb 27 03:55:46 Error: pipe() failed: Too many open files
dovecot: Feb 27 03:55:46 Error: pipe() failed: Too many open files
dovecot: Feb 27 03:55:46 Error: pipe() failed: Too many open files

In my case, the logs just preceding these were:

dovecot: Feb 27 03:17:56 Fatal:
execv(/usr/local/libexec/dovecot/ssl-build-param) failed: No such file or
directory
dovecot: Feb 27 03:17:56 Error: child 4422 (ssl-build-param) returned error 84
(exec() failed)
dovecot: Feb 27 03:27:56 Fatal:
execv(/usr/local/libexec/dovecot/ssl-build-param) failed: No such file or
directory
dovecot: Feb 27 03:27:57 Error: child 14606 (ssl-build-param) returned error 84
(exec() failed)
dovecot: Feb 27 03:37:57 Fatal:
execv(/usr/local/libexec/dovecot/ssl-build-param) failed: No such file or
directory
dovecot: Feb 27 03:37:57 Error: child 24932 (ssl-build-param) returned error 84
(exec() failed)
dovecot: Feb 27 03:47:58 Fatal:
execv(/usr/local/libexec/dovecot/ssl-build-param) failed: No such file or
directory
dovecot: Feb 27 03:47:58 Error: child 2728 (ssl-build-param) returned error 84
(exec() failed)
dovecot: Feb 27 03:55:46 Error: pipe() failed: Too many open files
dovecot: Feb 27 03:55:46 Error: pipe() failed: Too many open files
...

It turned out that I'd configured dovecot with './configure
--program-suffix=1.0b3'. The compile therefore built a
ssl-build-param-1.0b3 binary, but as you can see in the logs, still
expected a 'ssl-build-params' binary.  Symlinking one to the other
solved
this.

HTH


--Jeff
> To solve this, I have to kill -9 dovecot and the (many) imap   
> processes running.
> 
> The only client accessing the server is a machine running Apple Mail.  
> I tried to increase the limit in the number of files (I did a  
> "launchctl limit maxfiles 1024 unlimited", but the problem still
> happened.
> 
> Is this a known problem? Should I allow still more files?
> 
> Thanks,
> 
> Alan
> 
> -- 
> Alan Schmitt <http://alan.petitepomme.net/>
> 
> The hacker: someone who figured things out and made something cool  
> happen.
> .O.
> ..O
> OOO
> 
>

Alan Schmitt wrote:
> Hello,
> 
> For two days in a row, I've noticed that my dovecot server (hosted on a
> PowerMac running OS X) has stopped working, with a bunch of error 
> messages in /var/log/mail.log like:
> May 24 07:31:10 top dovecot: pipe() failed: Too many open files
> 
> To solve this, I have to kill -9 dovecot and the (many) imap  processes 
> running.
> 
> The only client accessing the server is a machine running Apple Mail. I 
> tried to increase the limit in the number of files (I did a "launchctl
> limit maxfiles 1024 unlimited", but the problem still happened.
> 
> Is this a known problem? Should I allow still more files?
You need to look at the parameters:
sysctl -a
kern.maxfiles = 12288
kern.maxfilesperproc = 10240
and fix them by creating a file /etc/sysctl.conf

OS X is configured by default with these numbers way too low. OS X has 
some really dumb processes like AFP that will chew through all of your 
open files and not cope cleanly with running out of allowable/available 
filehandles.

OS X has a DoS vulnerability in the way ssh processes are spawned and 
the ssh interaction with their PAM modules (it exhibits with the 
symptoms you have described). Have you really got port 22 blocked from 
the outside world?? Have you tested that? Consider running ssh on an 
alternate port if running OS X server (as Apple's GUI config tools for 
the firewall don't always allow you to block port 22).

Do consider running your mail services off a machine that is not a Mac 
OS X server. OS X server is merely OS X client/workstation with a pretty 
management utility for some 'nix services. It is not stable under high 
load -- and it is not even stable under moderate load without numerous 
performance tweaks (it doesn't cope at all well if the disk queue goes 
up a touch or loadavg is at all interesting - ie it degrades poorly 
under load).

Rob.

> Date: Wed, 24 May 2006 19:55:41 +1000
> From: Rob Middleton <robm-dovecot at centenary.org.au>
> Subject: Re: [Dovecot] Apple Mail and too many open files?
> To: Alan Schmitt <alan.schmitt at polytechnique.org>
> Cc: Dovecot List Mailing <dovecot at dovecot.org>
>
> OS X is configured by default with these numbers way too low. OS X has
> some really dumb processes like AFP that will chew through all of your
> open files and not cope cleanly with running out of allowable/ 
> available
> filehandles.
If you're running filesharing of ANY kind on your mail server, you  
should stop it.  Mail servers should run mail, not run AFP and Samba  
and other things.
> OS X has a DoS vulnerability in the way ssh processes are spawned and
> the ssh interaction with their PAM modules (it exhibits with the
> symptoms you have described). Have you really got port 22 blocked from
> the outside world?? Have you tested that? Consider running ssh on an
> alternate port if running OS X server (as Apple's GUI config tools for
> the firewall don't always allow you to block port 22).
This is a very simple problem to fix, and doesn't require blocking  
port 22.
Set up /etc/hosts.allow:

sshd               		: 192.169.1.0/255.255.255.0
sshd-keygen-wrapper : 192.168.1.0/255.255.255.0

Set up /etc/hosts.deny:

ALL: ALL:deny

Tcpwrappers will now take care of you, and any DOS attacks you get  
will simply be dropped.
> Do consider running your mail services off a machine that is not a Mac
> OS X server. OS X server is merely OS X client/workstation with a  
> pretty
> management utility for some 'nix services. It is not stable under high
> load -- and it is not even stable under moderate load without numerous
> performance tweaks (it doesn't cope at all well if the disk queue goes
> up a touch or loadavg is at all interesting - ie it degrades poorly
> under load).
While some of this statement may be accurate, there's a lot of FUD  
here too.  Both OS X and OS X server use the same kernel, it is  
true.  However, these operating systems are fast and reliable.  We  
ran our mail server for a couple of years on OS X with exim and  
courier-imap, and the only reason we did stop and move to Linux is  
because we needed a bigger solution and intel-based hardware was  
cheaper than a bunch of XServes.

And I will challenge your statement about high load.  We have two web  
servers that average betwen 5 and 10 mbits of constant web load,  
running on OS X Server and XServes.  The average load on these boxes  
is something like 0.20.

Roger Weeks

On May 24, 2006, at 10:29 AM, Les Mikesell wrote:
> On Wed, 2006-05-24 at 11:51, Roger Weeks wrote:
>
>> If you're running filesharing of ANY kind on your mail server, you
>> should stop it.  Mail servers should run mail, not run AFP and Samba
>> and other things.
>
> Why?  A robust OS can do many things at once up to its resource
> limits.
Sure it can.  But in my experience, it's bad practice, both in the  
enterprise and in the service provider world.  When your box gets hit  
with a denial of service attack, or 500 users decide to copy the  
latest cool video to their home dir, and it's also your mail and web  
server, all of your services go to hell.

When you have a box dedicated to specific services, you can upgrade  
that box without affecting all of your services.  If the box dies,  
not all of your services die.

--
Roger J. Weeks
Systems & Network Administrator
Mendocino Community Network