search

MarcJHuber / event-driven-servers

A collection of event-driven servers (currently: tac_plus, tac_plus-ng, ftpd, tcprelay)
https://www.pro-bono-publico.de/projects
Other
100 stars 25 forks source link

tacplusng.service terminating under oom-kill #116

Closed linx-collin closed 1 month ago

linx-collin commented 2 months ago

Hi,

Our monitoring triggered a failure in the tacplusng.service and a systemctl status tacplusng revealed the following:

× tacplusng.service - TACACS+ NG Loaded: loaded (/etc/systemd/system/tacplusng.service; enabled; vendor preset: enabled) Active: failed (Result: oom-kill) since Thu 2024-10-03 15:50:25 UTC; 8min ago Process: 2617780 ExecStart=/usr/local/sbin/tac_plus-ng /etc/tacplusng/tacplusng.conf (code=exited, status=0/SUCCESS) Main PID: 2617780 (code=exited, status=0/SUCCESS) CPU: 16h 28min 10.060s

Oct 03 15:50:06 xxxxxxxx.xxxx.xxx tacplus[2973023]: 192.168.44.2 result for user user is ACK Oct 03 15:50:06 xxxxxxxx.xxxx.xxx tacplus[2973023]: 192.168.44.2 shell login for 'user' (realm: port1610) on unknown succeeded (profile=admin-ro) Oct 03 15:50:06 xxxxxxxx.xxxx.xxx tacplus[2973023]: authen|192.168.44.2|user|unknown||shell login succeeded Oct 03 15:50:06 xxxxxxxx.xxxx.xxx tacplus[2973023]: 192.168.61.3 result for user user is ACK Oct 03 15:50:06 xxxxxxxx.xxxx.xxx tacplus[2973023]: 192.168.61.3 shell login for 'user' (realm: port1610) on unknown succeeded (profile=admin-ro) Oct 03 15:50:06 xxxxxxxx.xxxx.xxx tacplus[2973023]: authen|192.168.61.3|user|unknown||shell login succeeded Oct 03 15:50:24 xxxxxxxx.xxxx.xxx tacplus[2973023]: - SIGHUP: No longer accepting new connections. Oct 03 15:50:25 xxxxxxxx.xxxx.xxx tacplus[2973023]: - Exiting. Oct 03 15:50:25 xxxxxxxx.xxxx.xxx systemd[1]: tacplusng.service: Failed with result 'oom-kill'.

Can you give me some ideas around the amount of memory recommeded for a server running the tacplus or some tips on settings that might manage the memory better?

root@xxxxxxxx.xxxx.xxx:/var/log# grep -i memory /var/log/kernel.log Oct 3 15:50:06 xxxxxxxx.xxxx.xxx kernel: [14019690.673883] out_of_memory+0x106/0x2e0 Oct 3 15:50:06 xxxxxxxx.xxxx.xxx kernel: [14019690.674049] Tasks state (memory values in pages): Oct 3 15:50:06 xxxxxxxx.xxxx.xxx kernel: [14019690.674215] Out of memory: Killed process 2953118 (tac_plus-ng) total-vm:3765236kB, anon-rss:2066516kB, file-rss:344kB, shmem-rss:0kB, UID:0 pgtables:7404kB oom_score_adj:0 Oct 3 15:50:06 xxxxxxxx.xxxx.xxx kernel: out_of_memory+0x106/0x2e0 Oct 3 15:50:06 xxxxxxxx.xxxx.xxx kernel: Tasks state (memory values in pages): Oct 3 15:50:06 xxxxxxxx.xxxx.xxx kernel: Out of memory: Killed process 2953118 (tac_plus-ng) total-vm:3765236kB, anon-rss:2066516kB, file-rss:344kB, shmem-rss:0kB, UID:0 pgtables:7404kB oom_score_adj:0

Thanks

MarcJHuber commented 2 months ago

Hi,

thanks for reporting -- this surely looks like a memory leak. Please provide the "tac_plus-ng -v" output, I've switched to a new memory abstraction API during the last weeks, so that might be related.

In general, I don't believe there are any special memory requirements to consider. What you're seeing is most definitely a bug.

Thanks,

Marc