in.tftpd - ulimit -u not working? cgroups?

[Nikola Ciprich]

Hello everybody,

on one of our boxes, I'm encountering strange problem from
time to time.. in.tftpd processes are forking up to thousand of
processes, getting server to almost unresponsive state.

I've tried various approaches to limiting tftp daemon but to no
avail..

what puzzles me most is, that it seems to breach even ulimit -u setting.

I'm starting in.tftpd from initscript (so no xinetd), prior to starting it, ulimit -n 50
is run.

I can see limit set up correctly for master process:

grep processes /proc/XXX/limits:
Max processes             50                   50                   processes

but again, few days ago, problem occured again, according to atop records, thousands
of in.tftpd processes got forked..

Any idea on what could I be doing wrong?

I also tried limiting memory using cgroups, but even with limit of 2MB, it can spawn
much more processes than I'd like, and 1MB is too low... Is it possible to limit
number of processes using cgroups? but I still think ulimit should be enough, but
what am I doing wrong here?

thanks a lot for any clues in advance, I'm really becoming desperate...

BR

nik

-- 
-------------------------------------
Ing. Nikola CIPRICH
LinuxBox.cz, s.r.o.
28.rijna 168, 709 00 Ostrava

tel.:   +420 591 166 214
fax:    +420 596 621 273
mobil:  +420 777 093 799
www.linuxbox.cz

mobil servis: +420 737 238 656
email servis: servis@xxxxxxxxxxx
-------------------------------------

Attachment: pgp00000.pgp
Description: PGP signature