Description of problem: The following errors appear in the logs: Sep 10 10:05:01.787 socket.c:1875: unexpected error: Sep 10 10:05:01.787 internal_accept: fcntl() failed: Too many open files Sep 10 10:10:01.531 socket.c:1875: unexpected error: Sep 10 10:10:01.531 internal_accept: fcntl() failed: Too many open files Version-Release number of selected component (if applicable): bind-9.2.4-30.el4 How reproducible: Under heavier load Steps to Reproduce: 1. Start bind 2. If the queries frequency is sufficiently high, the error logs start to appear Actual results: Error messages in the log Expected results: No error messages Additional info: The problem looks to be caused by the patches for CVE-2008-1447. There exists related bug for RHEL-5 (https://bugzilla.redhat.com/show_bug.cgi?id=457036) and partial fix was included in bind 9.3.5-P2 I think.
Created attachment 326939 [details] Partial patch This is a partial fix that helps to get rid of the errors in some cases.
*** Bug 481824 has been marked as a duplicate of this bug. ***
Created attachment 331426 [details] Improved patch
Patch bind92-rh476515.patch is included as patch 25. According to [1] this can not be easilly tested inhouse, but there is a good feedback from the costomer [2]. => SanityOnly [1] https://bugzilla.redhat.com/show_bug.cgi?id=476515#c12 [2] https://bugzilla.redhat.com/show_bug.cgi?id=476515#c4
Technical note added. If any revisions are required, please edit the "Technical Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. New Contents: * when the number of processed queries in BIND was sufficiently high, the following error message was logged: "internal_accept: fcntl() failed: Too many open files". With this update, timeout queries are aborted in order to reduce the number of open UDP sockets, and when the accept() function returns an EMFILE error value, that situation is now handled gracefully, thus resolving the issue.
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2011-0223.html