samba stuck at maximum of 1024 open files

filesystems ulimit samba network-share

Solution 1:

Ok I have solved my issue, and in doing so come to a better understanding of how the ulimits work, at least in Ubuntu. There were a number of issues and I think I have sorted them all out.

First problem, and a silly one: nofiles should be nofile in /etc/security/limits.conf

Another more significant oversight: While I had ensured pam_limits.so was included in /etc/pam.d/common-session, I didn't notice that there was also /etc/pam.d/common-session-noninteractive. The latter file was the one that samba was using.

Fixing that issue appears to have fixed samba, which can now open as many file descriptors as it likes. Windows copies complete successfully. Also note: Samba does indeed use the appropriate user's ulimit, not the ulimits the smbd process started with, nor root's ulimit. /etc/security/limits.conf is the place to set this, once you have properly configured either (both?) /etc/pam.d/common-session-noninteractive and /etc/pam.d/samba to use pam_limits.so

As for the other issue, where my user was stuck at 1024 hard/1024 soft limits, that was a combination of a few issues. First and foremost, despite having /etc/pam.d/sshd the ssh daemon does not use PAM unless you modify /etc/ssh/sshd_config to have "UsePAM yes". The default is "no", and without using PAM, pam_limits.so (which is responsible for applying limits.conf) does not even come into play.

Instead, the default ulimits for non-PAM logins seem to inherit from pid 1 (typically "init"). You can check those default pid 1 limits with cat /proc/1/limits. Unfortunately, as far as I can tell, those limits are set as defaults in the kernel. There does not seem to be any way to modify them short of recompiling the kernel, or convincing the non-PAM application to use PAM.

I also just want to offer the advice that cat /proc/<anypid>/limits is a great way to debug the limits of any specific process you might be having trouble with. I wish I had discovered that sooner.

Solution 2:

I was working with ubuntu 14.04 lts and needed several hours to realize the following:

  • samba-ad-dc is startet with upstart, so settings in /etc/security/limits.conf are irrelevant.
  • limits are defined with the stanza in the file /etc/init/samba-ad-dc.conf

  • there had to be a line inserted with the following code:

    limit nofile 16384 16384

After a restart all works fine, ps ax tells you the process id of samba and cat /proc/799/limits shows the correct Max open file limits of the process 799 (exchange 799 with your process id).

Related

Can I send clients a pre-configured Virtual Machine?
How do I use supervisord's environment option in program sections?
Postgres Remote Access
Apache ProxyPass only if from a Subdomain
Caching db results - need a nudge on how to start
How to open OpenVPN port (1194) on server?
SAS Expanders for DIY JBOD Arrays
How good is failover of the iSCSI target on a two-node linux san?
Where to put Web Root in CentOS? /var/www/ or /home/user/public_html/?
Picking the right innodb_buffer_pool_size
Is there a .history file on Windows machines?
VMplayer Virtual Disk Shrinking/Compacting/Defragmenting