Problem with multiple LDAP servers
A.L.M.Buxey at lboro.ac.uk
Thu May 5 00:50:04 CEST 2016
Of course, now I'm using multiple ldap configs I've now hit the too many files open issue.
Which causes all sorts of interesting failure modes. Obvious when sql connection can't work - the cause is printed out. ... but it was failing in reading the root cert used for ldap instance 5 and claimed it couldn't read the file, x509 issue. Given that using ulimit fixed this. ...... i guess if the failure is when spawning some Ssl stuff you can't do anything about it?
I've updated /etc/security/limits.conf - giving radius user more soft/hard files... but that didn't work .. even though the server is using radius/radius the limits seem to require root limits to be modified . Looking at adjusting the systemd script right now but it'll catch out any local admins trying to do eg radiusd -X ;)
More information about the Freeradius-Users