Closed 77cc33 closed 11 years ago
every application wanting to use pam, must explicitely support it. You have to load the "pam" plugin and use --pam or --pam-user (based on your need). The pam plugin is not builtin by default but its only dependancies are the pam development headers.
in addition to this, remember you can set the max-fd in the emperor, and this limit will be inherited by vassal (without bothering with pam)
I tried emperor, and it didn't work. it's my ubuntu upstart init script
description "uWSGI Emperor"; start on runlevel [2345] stop on runlevel [06]
exec uwsgi \ --master \ --die-on-term \ --emperor /etc/uwsgi \ --logto /var/log/uwsgi/emperor.log \ --logdate \ --auto-procname \ --no-orphans \ --need-app \ --max-fd 30000
and it's what I have in my emperor log Fri Mar 29 07:48:48 2013 - detected max file descriptor number: 30000
and it what I have in application log setrlimit(): Operation not permitted [core/uwsgi.c line 2157] detected max file descriptor number: 1024
you are right, setrlimit is called too late, while it should be called before privileges drop, will be fixed in the next few minutes
hmm should be managed in another way, as it could be a security problem allowing the user to increase its max-fd before privileges drop. Will leave this open, i will post the solution as soon as possible
you can try with latest code from github and adding --max-fd to the emperor. The vassals wil inherit the limit.
From now on this is the blessed way
thank you!
just wanted to aprove that it works now!
ubuntu 12.04 lts 64 bit
I have /etc/security/limits.conf set as 135K
www-data hard nofile 133333 www-data soft nofile 133333 root hard nofile 133333 root soft nofile 133333
but when I start uwsgi, it shows me: detected max file descriptor number: 1024
I tried to set fd-max, and got this: setrlimit(): Operation not permitted [core/uwsgi.c line 2157] detected max file descriptor number: 1024
I start uwsgi as root with help of emperor and later set uid to www-data
is there some workaround to fix it ASAP?