OpenLDAP and file limits

[Bevan C. Bennett]

> Let's start by looking at what files are open to get a clue what is 
> going on.

Well, since you've asked, whenever I check it usually looks like this:
[root at urd ~]$ lsof -u ldap | grep REG | awk '{print $9}'
/usr/sbin/slapd
/lib/tls/libdb-4.1.so
/usr/lib/sasl2/libcrammd5.so.2.0.15
/usr/lib/sasl2/libplain.so.2.0.15
/lib/libnss_files-2.3.2.so
/lib/libnss_dns-2.3.2.so
/usr/lib/sasl2/liblogin.so.2.0.15
/usr/lib/sasl2/libdigestmd5.so.2.0.15
/lib/ld-2.3.2.so
/lib/tls/libc-2.3.2.so
/lib/libdl-2.3.2.so
/usr/lib/libz.so.1.2.0.7
/lib/libcrypt-2.3.2.so
/lib/libresolv-2.3.2.so
/lib/libcrypto.so.0.9.7a
/lib/libcom_err.so.2.1
/lib/tls/libpthread-0.60.so
/usr/lib/libk5crypto.so.3.0
/usr/lib/libkrb5.so.3.2
/lib/libnsl-2.3.2.so
/usr/lib/libgssapi_krb5.so.2.2
/lib/libssl.so.0.9.7a
/usr/lib/tls/libslapd_db-4.1.so
/usr/lib/libwrap.so.0.7.6
/usr/lib/sasl2/libsasldb.so.2.0.15
/lib/libnss_ldap-2.3.2.so
/usr/lib/sasl2/libanonymous.so.2.0.15
/usr/add/ldap/__db.005
/usr/add/ldap/__db.004
/usr/add/ldap/__db.003
/usr/add/ldap/__db.002
/usr/add/ldap/__db.001
/usr/add/ldap/id2entry.bdb
/usr/add/ldap/log.0000000001
/usr/add/ldap/dn2id.bdb
/usr/add/ldap/objectClass.bdb
/usr/add/ldap/gidNumber.bdb
/usr/add/ldap/uidNumber.bdb
/usr/add/ldap/ctCalXItemId.bdb
/usr/add/ldap/uid.bdb
/usr/add/ldap/memberUid.bdb
/usr/add/ldap/sambaDomainName.bdb
/usr/add/ldap/sambaSID.bdb
/usr/add/ldap/sn.bdb
/usr/add/ldap/givenName.bdb
/usr/add/ldap/cn.bdb
/usr/add/ldap/mail.bdb

Of course there's also a reasonable pile of TCP connections:
[root at urd ~]$ lsof -u ldap | grep TCP | wc -l
     113

It looks like /etc/hosts.allow gets opened only momentarily and is thus 
hard to catch with lsof.

Oh, and since someone will probably ask, my kernel settings are still at 
their installation defaults:
[root at urd ~]$ cat /proc/sys/fs/file-nr
739     165     209708

It's the number of TCP connections that seems to grow over time.