Busy web server: Apache bombing out, doesn't seem to obey the ulimit set for it

I am seeing the following entries in Apache's error log:

    [Mon Jul 04 13:39:27 2011] [alert] (11)Resource temporarily unavailable: setuid: unable to change to uid: 48
    [Mon Jul 04 13:39:27 2011] [alert] (11)Resource temporarily unavailable: setuid: unable to change to uid: 48
    [Mon Jul 04 13:39:27 2011] [alert] Child 13286 returned a Fatal error... Apache is exiting!
    [Mon Jul 04 13:39:27 2011] [alert] (11)Resource temporarily unavailable: setuid: unable to change to uid: 48
    [Mon Jul 04 13:39:27 2011] [alert] (11)Resource temporarily unavailable: setuid: unable to change to uid: 48

    cat /etc/security/limits.d/90-nproc.conf
    # Default limit for number of user's processes to prevent
    # accidental fork bombs.
    # See rhbz #432903 for reasoning.
    *          soft    nproc     1024
    apache     soft    nproc     8800
    apache     hard    nproc     65000

    #Apache conf info
    <IfModule prefork.c>
    StartServers 80
    MinSpareServers 100
    MaxSpareServers 101
    ServerLimit 2100
    MaxClients 2100
    MaxRequestsPerChild 3000
    </IfModule>

Apache runs as root and then switches to the apache user. The nproc setting for the apache user will not take effect; try increasing the nproc setting for all users:

 * soft nproc 8000 

Either do this in the 90-nproc.conf file, or comment it out there and do it in the /etc/security/limits.conf file.

Limits defined in /etc/security/limits.d or limits.conf will not be applied to programs calling setuid unless this is specified in the PAM modules.

You can enable this behaviour by adding the following line:

 session required pam_limits.so 

to these files:

  • /etc/pam.d/common-session
  • /etc/pam.d/common-session-noninteractive
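
Both answers depend on which nproc limit the running Apache processes actually carry, as opposed to what the limits files say. The following is an added example, not part of the original posts: it reads the `Max processes` value from `/proc/<pid>/limits` and compares it with the number of tasks owned by uid 48. The function names, the sample data (constructed) and the `httpd` process name are assumptions.

```shell
#!/bin/sh
# Added example: check which nproc limit a running process really has and
# how close a uid is to it. Function names are illustrative.

# Print the soft "Max processes" value from /proc/<pid>/limits text on stdin.
soft_nproc() {
    awk '$1 == "Max" && $2 == "processes" { print $3 }'
}

# Count tasks owned by uid $1 in "ps -eL -o ruid=" output on stdin.
# Threads are counted because RLIMIT_NPROC counts threads, not just processes.
count_tasks() {
    awk -v uid="$1" '$1 == uid { n++ } END { print n + 0 }'
}

# Print remaining headroom for limit $1 and usage $2; return 1 when none is left.
nproc_headroom() {
    if [ "$1" = "unlimited" ]; then
        echo unlimited
        return 0
    fi
    left=$(( $1 - $2 ))
    echo "$left"
    [ "$left" -gt 0 ]
}

# Constructed sample in /proc/<pid>/limits format (not taken from the page).
SAMPLE_LIMITS='Limit                     Soft Limit           Hard Limit           Units
Max cpu time              unlimited            unlimited            seconds
Max processes             1024                 65000                processes
Max open files            1024                 4096                 files'

# Constructed sample of per-task real uids: three tasks for uid 48, one for root.
SAMPLE_RUIDS='    0
   48
   48
   48'

limit=$(printf '%s\n' "$SAMPLE_LIMITS" | soft_nproc)
used=$(printf '%s\n' "$SAMPLE_RUIDS" | count_tasks 48)
echo "soft nproc=$limit tasks(uid 48)=$used headroom=$(nproc_headroom "$limit" "$used")"

# On a live host (assumes the parent process is named httpd):
#   pid=$(pgrep -o httpd)
#   soft_nproc < "/proc/$pid/limits"
#   ps -eL -o ruid= | count_tasks 48
```

If the value reported for the live process differs from the one in 90-nproc.conf, the file's limit was not applied to the session that started Apache.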