[systemd-devel] "sshd.socket failed to queue socket startup job"
Lennart Poettering
lennart at poettering.net
Wed Feb 23 09:23:05 PST 2011
On Wed, 23.02.11 16:24, Zbigniew Jędrzejewski-Szmek (zbyszek at in.waw.pl) wrote:
> Hi,
> I wanted to see what happens when using per-connection sshd at .service
> from http://0pointer.de/public/systemd-units/sshd@.service.
>
> After doing some ~1200 ssh connections, the socket went into
> disabled state:
> Feb 23 15:43:23 fedora systemd[1]: sshd.socket failed to queue socket startup job: File exists
> Feb 23 15:43:23 fedora systemd[1]: Unit sshd.socket entered failed state.
>
> After 'systemctl restart sshd.socket' connections work again.
> Is this expected?
>
> Another problem is resource usage:
> after 7000 connections the RSS of systemd is up at 90MB. It started around 20MB,
> so this gives 70 MB / 7000 connections = 10kB per connection, which is not bad,
> but basically opens up a way to bring the machine down if the number of connection
> is not limited in some other way.
>
> Should systemd implement dropping old inactive template-generated units?
> Or maybe does it do this already?
We do that. The problem is that this service of yours failed and systemd
hence won't drop it. If a service fails we usually use that as
indication that this is something the admin should see and hence never
GC the service.
In this case there are two solutions: a) fix sshd to not return a
failure code if run as "sshd -i".
Or b) replace "ExecStart=/usr/sbin/sshd -i" by
"ExecStart=-/usr/sbin/sshd -i" to ensure we ignore any failure from
sshd.
Lennart
--
Lennart Poettering - Red Hat, Inc.
More information about the systemd-devel
mailing list