Re: open files limit was: Re: Enabling Apache HTTP/2 => Too many open files error

2023-03-02 Thread Jonathan Billings
On Mar 2, 2023, at 03:35, Roberto Ragusa wrote: > > On 2/27/23 13:44, Richard W.M. Jones wrote: > >> It turns out that the default open file limit (1024!) is too low. To >> change this and fix the problem: >> # systemctl edit httpd > This low limit can be an issue for many processes. > I do

Re: open files limit was: Re: Enabling Apache HTTP/2 => Too many open files error

2023-03-02 Thread Roger Heflin
On Thu, Mar 2, 2023 at 2:35 AM Roberto Ragusa wrote: > > On 2/27/23 13:44, Richard W.M. Jones wrote: > > > It turns out that the default open file limit (1024!) is too low. To > > change this and fix the problem: > > > ># systemctl edit httpd > This low limit can be an issue for many processe

open files limit was: Re: Enabling Apache HTTP/2 => Too many open files error

2023-03-02 Thread Roberto Ragusa
On 2/27/23 13:44, Richard W.M. Jones wrote: It turns out that the default open file limit (1024!) is too low. To change this and fix the problem: # systemctl edit httpd This low limit can be an issue for many processes. I don't understand why it is still so low in modern machines. I've rai

Re: Enabling Apache HTTP/2 => Too many open files error

2023-02-27 Thread Richard W.M. Jones
On Mon, Feb 27, 2023 at 11:42:49AM -0500, Jeffrey Walton wrote: > Hi Rich, > > > [although it's way more > > complicated than it needs to be, why isn't HTTP/2 the default out of > > the box?] > > HTTP/2 is insecure out-of-the-box. Remember CRIME and BREACH? The > protocol requires compression, an

Re: Enabling Apache HTTP/2 => Too many open files error

2023-02-27 Thread Jeffrey Walton
Hi Rich, > [although it's way more > complicated than it needs to be, why isn't HTTP/2 the default out of > the box?] HTTP/2 is insecure out-of-the-box. Remember CRIME and BREACH? The protocol requires compression, and compression is a known attack vector. From the abstract of RFC 7450: This

Re: Enabling Apache HTTP/2 => Too many open files error

2023-02-27 Thread Roger Heflin
Do a lsof -p and it will list out the files. It may be a file handle leak. I have seen leaks from failure to close a file when a process is done. There can be leaks if a process uses an anonymous memory allocation trick that relies on file handles, and there are probably others. The lsof output

Enabling Apache HTTP/2 => Too many open files error

2023-02-27 Thread Richard W.M. Jones
I fixed this now, but I could find virtually no documentation about it online, so I'm writing this email to document what surely must be a common problem ... I wanted to enable HTTP/2 support in Apache on Fedora 38. I followed the documentation here which worked [although it's way more complicate