Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
faq:nix [2018/02/13 12:37] – Added some information on binding to ports below 1024 as non-root on Linux, since that question seems to come up from time to time nightfoxfaq:nix [2023/02/08 23:50] (current) – [Maximum Open Files] Replace pgrep with pidof digital man
Line 18: Line 18:
   * [[#SELinux|What does nothing work with SELinux]]?   * [[#SELinux|What does nothing work with SELinux]]?
   * [[#Disk space|How much disk space is required]]?    * [[#Disk space|How much disk space is required]]? 
-  * [[#TermType|What does an ''unknown terminal'' error indicate]]? +  * [[#Terminal Type|What does an ''unknown terminal'' error indicate]]? 
-  * [[#ports_below_1024_without_root_on_linux|How can bind to ports below 1024 without being root on Linux]]?+  * [[#tempnam warning|Why do I get a warning about use of ''tempnam'' when compiling]]? 
 +  * [[#SDL Errors|How do I work around SDL 1.2 run-time errors]]? 
 +  * [[#Recycle|Why does the recycling of servers/services not work]]? 
 +  * [[#Maximum_Open_Files|How do resolve ERROR 24 (Too many open files)]]?
      
 ===== Flavors ===== ===== Flavors =====
Line 170: Line 173:
  
 **Answer:**\\    **Answer:**\\   
-A fresh install (as of Feb-2009) requires about 70MBytes+A fresh install (as of Mar-2020from source code, requires about 500MBytes of space
-Much of the space consumed is in the form of intermediate build files which +Much of the space consumed is in the form of intermediate build files which may be removed after the build is complete if space is a concern.
-may be removed after the build is complete if space is a concern.+
  
  
Line 193: Line 195:
 To elaborate, [[util:SBBSecho]] uses ''tempnam'' for a specific purpose, which ''mkstemp'' does not do. Additionally ''mkstemp'' is not available in all the C libraries for all the platforms for which Synchronet is built. The //dangers// of ''tempnam'' do not apply to SBBSecho's use of the function. To elaborate, [[util:SBBSecho]] uses ''tempnam'' for a specific purpose, which ''mkstemp'' does not do. Additionally ''mkstemp'' is not available in all the C libraries for all the platforms for which Synchronet is built. The //dangers// of ''tempnam'' do not apply to SBBSecho's use of the function.
  
-===== Ports Below 1024 Without Root On Linux ===== +===== SDL errors ===== 
-By defaultLinux does not allow non-root processes to bind to ports below 1024 This was done as a security measure, although some argue that the reasons for this are obsolete.  It is often a bad practice to run processes as root unless it's really necessary to do soand perhaps even more so with an Internet-accessible server Thusit is often desirable to run servers on standard ports (below 1024) as non-root user.  You can do so with the setcap command For example:\\ +**Question:**\\ 
-  setcap cap_net_bind_service=+ep /sbbs/exec/sbbs+How do I work around SDL_main errors (e.g. ''No protocol specified'' followed by a ''segmentation fault'') that prevent Synchronet applications (e.g. [[util:SCFG]][[util:EchoCFG]], [[monitor:umonitor]], etc.) built with SDL 1.2 from running? 
 +<code> 
 +$ /sbbs/exec/scfg 
 +No protocol specified 
 +No protocol specified 
 +No protocol specified 
 +Segmentation fault (core dumped) 
 +</code> 
 + 
 +**Answer:**\\ 
 +Double check that you can run X applications (e.g. ''xterm'', ''xeyes'') and if you cannot, you may need to grant X access to other user accounts with a command like: 
 +  xhost +SI:localuser:<username> 
 +executed before switching to another user account (e.g. with ''su'' or ''sudo''). 
 + 
 +Work-arounds: 
 +  - Clean re-build all of Synchronet without SDL support (include ''WITHOUT_SDL=1'' on the ''make'' command-lines or in your ''localdefs.mk'' file) 
 +  - Set the ''SDL_VIDEODRIVER'' environment variable to the value of ''dummy'' (e.g. ''EXPORT SDL_VIDEODRIVER=dummy'') before executing the program 
 + 
 +===== Recycle ===== 
 +**Question:**\\ 
 +Why do my servers/services fail to recycle when I set the node-recycle flag (e.g. saving changes in [[util:SCFG]]) or when touching recycle [[config:semfiles]]? 
 + 
 +**Answer:**\\ 
 +Servers will not recycle while they are in-use. 
 + 
 +<file> 
 +$ node rerun 
 + 
 +Synchronet Node Display/Control Utility v1.34 
 + 
 +Node  1: User #1 reading messages via telnet (M) [R] 
 +Node  2: Waiting for connection [R] 
 +Node  3: Waiting for connection [R] 
 +Node  4: Waiting for connection [R] 
 +Node  5: Waiting for connection [R] 
 +Node  6: Waiting for connection [R] 
 +Node  7: Waiting for connection [R] 
 +Node  8: Waiting for connection [R] 
 +</file> 
 + 
 +**Question:**\\ 
 +What do the following warning-level log messages indicate? 
 +  Disabling Terminal Server recycle support 
 +  Disabling FTP Server recycle support 
 +  Disabling Web Server recycle support 
 +  Disabling Mail Server recycle support 
 +  Disabling Services recycle support 
 +   
 +**Answer:**\\ 
 +Recycle support can be disabled manually be setting the ''NO_RECYCLE'' ''Options'' flag in one or more server sections of your ''[[config:sbbs.ini]]'' file.\\ 
 +The log warning messages above ("Disabling ... recycle support") indicate that the BBS automatically set the ''NO_RECYCLE'' option flag because it was: 
 +  - Configured to bind-to/listen-on TCP ports 1024 (the so-called "reserved" ports) 
 +  - **and** the BBS was configured to change the current user-id in the ''[[config:sbbs.ini#UNIX]]'' section of ''[[config:sbbs.ini]]'' 
 +  - **and** the BBS could not dynamically set the bind capabilities using the Linux "Capabilities" syscall interface. 
 + 
 +The solution is to remove the ''User'' and ''Group'' settings from the ''[[config:sbbs.ini#UNIX]]'' section of ''[[config:sbbs.ini]]'' and then follow the instructions [[howto:Linux_non-root|here]] for running the BBS on Linux as a non-root user (if you haven't already). 
 + 
 +===== Maximum Open Files ===== 
 +**Question:**\\ 
 +Why am I seeing ''ERROR 24 (Too many open files)'' failures in my error log? 
 + 
 +**Answer:**\\ 
 +Versions of Synchronet prior to v3.19c contained a bug with the JavaScript //User// class that could cause a leak of open file descriptors (concurrent opens of the ''[[dir:data]]/user.dat'' file that were never closed). This bugcombined with a long-running //webv4// ''events.ssjs'' issue that could cause a lot of instances of the //User// class to linger in the JavaScript heap (since fixed with a call to ''js.gc()'')could cause "Too many open files" errors to occur. 
 + 
 +**Answer:**\\ 
 +You need to increase your maximum number of open files. 
 +\\ \\ 
 +**Checking current open file limits**\\ 
 +The most reliable way to determine your open file limit is to login to your BBS as a sysop, run the '';SHELL'' [[module:str_cmds|string command]], and at the OS command line, issue the commands below. The hard limit is the systemwide limit, and the soft limit is one that a user can raise (up to the hard limit). 
 + 
 +To view the soft limit''ulimit -Sn''\\ 
 +To view the hard limit: ''ulimit -Hn'' 
 + 
 +Another method that works on Linux is to search for line beginning with "Max open files" in the file ''/proc/$(pidof sbbs)/limits'': 
 +  $ sudo grep "Max open files" /proc/$(pidof sbbs)/limits 
 +  Max open files            10000                10000                files      
 + 
 +**If you start Synchronet with systemd**\\ 
 +If you're using [[howto:systemd|systemd]] to start sbbs, edit your service file (usually ''sbbs.service'') by adding the following line in the ''[Service]'' section: 
 + 
 +<file sbbs.service> 
 +LimitNOFILE=10000 
 +</file> 
 + 
 +After adding the line, reload the service file from the command line using ''systemctl daemon-reload''. Finally, restart Synchronet. 
 + 
 +**If you start Synchronet manually or with a shell script**\\ 
 +If you start sbbs with a shell script, manually from the command line, or some other similar method, edit ''/etc/security/limits.conf'' to add the lines below. 
 + 
 +To raise the soft limit for your Synchronet user, add this line: 
 + 
 +<file limits.conf> 
 +yourBBSuser     soft     nofile     10000 
 +</file>
  
-For more information, see the following:\\ 
-[[https://stackoverflow.com/questions/413807/is-there-a-way-for-non-root-processes-to-bind-to-privileged-ports-on-linux|StackOverflow: Is there a way for non-root processes to bind to “privileged” ports on Linux?]]\\ 
-[[https://www.jumpingbean.co.za/blogs/mark/run-application-port-below-1024-linux|How to bind to ports below 1024 without being root on Linux?]]\\ 
-[[https://www.staldal.nu/tech/2007/10/31/why-can-only-root-listen-to-ports-below-1024|Why can only root listen to ports below 1024?]] 
  
 +      
 ===== See Also ===== ===== See Also =====
   * [[:faq:|Frequently Asked Questions]]   * [[:faq:|Frequently Asked Questions]]
faq/nix.1518554259.txt · Last modified: 2018/02/13 12:37 by nightfox
Back to top
CC Attribution 4.0 International
Driven by DokuWiki Recent changes RSS feed Valid CSS Valid XHTML 1.0