[CentOS] LDAP server, too many open files

Jacob Bresciani

Jacob at aers.ca
Thu Oct 22 16:09:44 UTC 2009


I've set up an LDAP server with a slave server on CentOS 5.3 x86_64.
Replication works, and most of the time client logins work fine, but I'm
starting to get an error I can't seem to eliminate. It's starting to
cause login failures for users, and I think it's causing other
application failures when they try to auth against LDAP.

On the client side, /var/log/messages shows:
Oct 22 08:53:23 client sshd[564]: nss_ldap: failed to bind to LDAP server ldap://ldap1: Can't contact LDAP server
Oct 22 08:53:23 client sshd[564]: nss_ldap: reconnected to LDAP server ldap://ldap2
Oct 22 08:54:01 client ps: nss_ldap: failed to bind to LDAP server ldap://ldap1: Can't contact LDAP server
Oct 22 08:54:01 client ps: nss_ldap: reconnected to LDAP server ldap://ldap2
Oct 22 08:54:03 client ls: nss_ldap: failed to bind to LDAP server ldap://ldap1: Can't contact LDAP server
Oct 22 08:54:03 client ls: nss_ldap: reconnected to LDAP server ldap://ldap2
Oct 22 08:55:02 client ps: nss_ldap: failed to bind to LDAP server ldap://ldap1: Can't contact LDAP server
Oct 22 08:55:02 client ps: nss_ldap: reconnected to LDAP server ldap://ldap2

On the server side I see:
Oct 22 08:53:23 ldap1slapd[23963]: warning: cannot open /etc/hosts.allow: Too many open files
Oct 22 08:53:23 ldap1slapd[23963]: warning: cannot open /etc/hosts.deny: Too many open files
Oct 22 08:53:25 ldap1slapd[23963]: warning: cannot open /etc/hosts.allow: Too many open files
Oct 22 08:53:25 ldap1slapd[23963]: warning: cannot open /etc/hosts.deny: Too many open files
Oct 22 08:53:26 ldap1slapd[23963]: warning: cannot open /etc/hosts.allow: Too many open files
Oct 22 08:53:26 ldap1slapd[23963]: warning: cannot open /etc/hosts.deny: Too many open files
...

ldap1 does nothing but LDAP, and I only have the x86_64 binaries
installed.
My slapd.conf file on the server looks like:

######################################################
include		/etc/openldap/schema/core.schema
include		/etc/openldap/schema/cosine.schema
include		/etc/openldap/schema/inetorgperson.schema
include		/etc/openldap/schema/nis.schema

allow bind_v2

pidfile		/var/run/openldap/slapd.pid
argsfile	/var/run/openldap/slapd.args

access to attrs=userPassword
     by self write
     by anonymous auth
     by dn.base="cn=domainadm,dc=domain,dc=local" write
     by dn.base="uid=ldapsync,ou=People,dc=domain,dc=local" read
     by * none
access to *
     by self write
     by dn.base="cn=domainadm,dc=domain,dc=local" write
     by dn.base="uid=ldapsync,ou=People,dc=domain,dc=local" read
     by * read
access to * by * read

limits dn.exact="uid=ldapsync,ou=People,dc=domain,dc=local" size=unlimited time=unlimited

database	bdb
suffix		"dc=domain,dc=local"
rootdn		"cn=root,dc=domain,dc=local"
rootpw          {SSHA}YnnYasdadasdasdasdassd

directory	/var/lib/ldap

# Indices to maintain for this database
index objectClass                       eq,pres
index ou,cn,mail,surname,givenname      eq,pres,sub
index uidNumber,gidNumber,loginShell    eq,pres
index uid,memberUid                     eq,pres,sub
index nisMapName,nisMapEntry            eq,pres,sub
index uniqueMember                      eq,pres
index entryCSN				eq

loglevel sync none
logfile /var/log/ldap.log

overlay syncprov
syncprov-checkpoint 100 10
syncprov-sessionlog 100
######################################################

------------------------
Jacob Bresciani
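
Added example, not part of the original post: "Too many open files" is the EMFILE error text, meaning the slapd process has reached its per-process file descriptor limit and cannot open even /etc/hosts.allow. The shell functions below compare a process's open descriptors with its soft limit through /proc; the function names and the 80% warning threshold are assumptions made for this example, and a Linux kernel that exposes /proc/<pid>/limits is assumed.

```shell
#!/bin/sh
# Added example: file descriptor headroom for one process, read from /proc.
# Typical call on the LDAP server (as root): fd_report "$(pgrep -o slapd)"

# Soft "Max open files" limit of PID (a number, or "unlimited").
fd_soft_limit() {
    awk '/^Max open files/ { print $4 }' "/proc/$1/limits"
}

# Number of descriptors PID currently holds open.
fd_open_count() {
    ls "/proc/$1/fd" 2>/dev/null | wc -l | tr -d ' '
}

# How many of those descriptors are sockets (client connections, syslog, ...).
fd_socket_count() {
    n=0
    for fd in /proc/"$1"/fd/*; do
        case "$(readlink "$fd" 2>/dev/null)" in
            socket:*) n=$((n + 1)) ;;
        esac
    done
    echo "$n"
}

# Print one summary line; return 1 when usage is at or above WARN_PCT
# (default 80), 2 when the limit cannot be read.
fd_report() {
    pid=$1
    warn=${2:-80}
    limit=$(fd_soft_limit "$pid") || return 2
    [ -n "$limit" ] || { echo "pid $pid: cannot read limits" >&2; return 2; }
    open=$(fd_open_count "$pid")
    socks=$(fd_socket_count "$pid")
    if [ "$limit" = "unlimited" ]; then
        echo "pid=$pid open=$open sockets=$socks limit=unlimited"
        return 0
    fi
    pct=$((open * 100 / limit))
    echo "pid=$pid open=$open sockets=$socks limit=$limit used=${pct}%"
    [ "$pct" -lt "$warn" ]
}
```

A high socket count relative to the limit means the descriptors are being consumed by network connections rather than by database files.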


