[CentOS] Processes launched from rc*.d and ulimit -n

Thu May 8 21:59:49 UTC 2014
Mitch Patenaude <mpatenaude at shutterfly.com>

I'm running fedora directory server on some boxes in a multi-master arrangement.

The problem is that when dirsrv is lauched from init (on boot) the maximum number of allowed file descriptors (ulimit -n) is only 4096.  That means that the slapd process can only accept ~4k connections, and it needs to accept ~10k or so.

The value for nofile for all users in /etc/security/limits.conf (and limits.d/*) is 65536, and as soon as I restart the process (service dirsrv restart) it comes up with ulimit -n being 64K, the way it's supposed to.  Why isn't it doing this at boot?

Right after boot:
ldap07:~ mpatenaude$ ldapsearch -x -h localhost -LLL -D 'cn=directory manager' -W -b 'cn=config' -s base nsslapd-maxdescriptors
Enter LDAP Password:
dn: cn=config
nsslapd-maxdescriptors: 4096

ldap07:~ mpatenaude$ sudo service dirsrv restart
[sudo] password for mpatenaude:
Shutting down dirsrv:
    ldap07...                                              [  OK  ]
Starting dirsrv:
    ldap07...                                              [  OK  ]

ldap07:~ mpatenaude$ ldapsearch -x -h localhost -LLL -D 'cn=directory manager' -W -b 'cn=config' -s base nsslapd-maxdescriptors
Enter LDAP Password:
dn: cn=config
nsslapd-maxdescriptors: 65535

Thanks,
  -- Mitch Patenaude