<html><head></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; ">Thank you for the quick replay. I did it and they are looking at it. <div>I am adding link to the github issue about this one just for reference if someone need it in future.</div><div><a href="https://github.com/SpiderLabs/ModSecurity/issues/137">https://github.com/SpiderLabs/ModSecurity/issues/137</a></div><div><div><br></div><div>Regards,</div><div>Kiril</div><div><br><div><div>On Aug 22, 2013, at 6:16 PM, Alan Silva wrote:</div><br class="Apple-interchange-newline"><blockquote type="cite"><div>Hi Kiril,<br><br>I think the better place to make this question its on modsecurity users list, because apparently its a problem in modsecurity module and don't in NGINX.<br><br>Regards,<br><br>Alan<br><br><br>On Aug 22, 2013, at 8:26 AM, Kiril Kalchev <<a href="mailto:kirilk@cloudxcel.com">kirilk@cloudxcel.com</a>> wrote:<br><br><blockquote type="cite">Hi,<br></blockquote><blockquote type="cite"><br></blockquote><blockquote type="cite">I have a problem with nginx and mod_security module. After reloading nginx configuration (kill -HUP <master-nginx-pid>) all files opened by mod_security are opened once again without closing the old ones. That means at some point we hit the limit of open file descriptors, in my real life scenario I leak over 300 files on each reload.<br></blockquote><blockquote type="cite"><br></blockquote><blockquote type="cite">Here are my sample configs just to illustrate the problem:<br></blockquote><blockquote type="cite">============================================================<br></blockquote><blockquote type="cite">nginx.conf<br></blockquote><blockquote type="cite">user www-data www-data;<br></blockquote><blockquote type="cite">worker_processes 6;<br></blockquote><blockquote type="cite">worker_rlimit_nofile 200000;<br></blockquote><blockquote type="cite"><br></blockquote><blockquote type="cite">error_log /var/log/nginx/error.log debug;<br></blockquote><blockquote type="cite"><br></blockquote><blockquote type="cite">events {<br></blockquote><blockquote type="cite">       worker_connections  16384;<br></blockquote><blockquote type="cite">       multi_accept on;<br></blockquote><blockquote type="cite">       use epoll;<br></blockquote><blockquote type="cite">}<br></blockquote><blockquote type="cite"><br></blockquote><blockquote type="cite">http {<br></blockquote><blockquote type="cite">       server {<br></blockquote><blockquote type="cite">               listen 80;<br></blockquote><blockquote type="cite">               location / {<br></blockquote><blockquote type="cite">                       ModSecurityEnabled on;<br></blockquote><blockquote type="cite">                       ModSecurityConfig modsecurity.conf;<br></blockquote><blockquote type="cite">                       return 555;<br></blockquote><blockquote type="cite">               }<br></blockquote><blockquote type="cite">       }<br></blockquote><blockquote type="cite">}<br></blockquote><blockquote type="cite"><br></blockquote><blockquote type="cite">============================================================<br></blockquote><blockquote type="cite">modsecurity.conf:<br></blockquote><blockquote type="cite"><br></blockquote><blockquote type="cite"># Debug log<br></blockquote><blockquote type="cite">SecDebugLog /var/log/waf/events.log<br></blockquote><blockquote type="cite">============================================================<br></blockquote><blockquote type="cite"><br></blockquote><blockquote type="cite">In this situation after each configuration reload I am leaking open files:<br></blockquote><blockquote type="cite"><br></blockquote><blockquote type="cite">www-data@dev03 ~ # lsof | grep nginx | wc -l; kill -HUP `ps aux | grep 'nginx: master process' | grep -v grep | awk '{print $2}'`; sleep 2; lsof | grep nginx |  wc -l<br></blockquote><blockquote type="cite">361<br></blockquote><blockquote type="cite">368<br></blockquote><blockquote type="cite"><br></blockquote><blockquote type="cite">I am using Ubuntu 12.04 LTS and nginx _openresty 1.4.2.1<br></blockquote><blockquote type="cite"><br></blockquote><blockquote type="cite">(DEPLOY)www-data@dev03:~# nginx -V<br></blockquote><blockquote type="cite">nginx version: ngx_openresty/1.4.2.1<br></blockquote><blockquote type="cite">built by gcc 4.6.3 (Ubuntu/Linaro 4.6.3-1ubuntu5)<br></blockquote><blockquote type="cite">TLS SNI support enabled<br></blockquote><blockquote type="cite"><br></blockquote><blockquote type="cite">Does someone else have the same problem?<br></blockquote><blockquote type="cite"><br></blockquote><blockquote type="cite">I will be happy to provide other information if necessary.<br></blockquote><blockquote type="cite"><br></blockquote><blockquote type="cite">Regards,<br></blockquote><blockquote type="cite">Kiril<br></blockquote><blockquote type="cite"><br></blockquote><blockquote type="cite">_______________________________________________<br></blockquote><blockquote type="cite">nginx mailing list<br></blockquote><blockquote type="cite"><a href="mailto:nginx@nginx.org">nginx@nginx.org</a><br></blockquote><blockquote type="cite"><a href="http://mailman.nginx.org/mailman/listinfo/nginx">http://mailman.nginx.org/mailman/listinfo/nginx</a><br></blockquote><br>_______________________________________________<br>nginx mailing list<br><a href="mailto:nginx@nginx.org">nginx@nginx.org</a><br>http://mailman.nginx.org/mailman/listinfo/nginx<br></div></blockquote></div><br></div></div></body></html>