[stunnel-users] 6 processes + out of memory issues on CentOS 6 stunnel (4.29)
Todd Rinaldo
toddr at cpanel.net
Wed Oct 31 14:05:57 CET 2012
I'm experimenting with using the stunnel that comes with CentOS 6 (4.29). I have a config file that is successfully being used on stunnel version 4.15 on the same host without any issues.
My issues:
1. starting stunnel creates 6 processes. I assume this has something to do with libwrap, but I'm not finding much discussion about it by doing a search. I'm also assuming that the binaries are forking after load, so it's not a significant memory expense to do this due to COW. Is this correct?
2. I'm getting 't of memory' (no "ou" in the error) messages from syslog when I do more than one request via chrome to port 2087. The process indicated from the message points to the stunnel process that has ownership of the open ports. A single request to this port doesn't seem to spawn the issue. Can anyone suggest what might be causing this?
Upgrading to a newer version of stunnel is possible, but I would prefer to keep the version Red Hat provides so they can be on the hook for CVE issues.
My config file follows:
-----
cert = /var/cpanel/ssl/cpanel/cpanel.pem
chroot = /usr/local/cpanel/var/run/stunnel/
# PID is created inside chroot jail
pid = /stunnel.pid
setuid = cpanel
setgid = cpanel
# Service-level configuration
[cpanelhttps]
accept = 2083
connect = 2082
TIMEOUTclose = 0
[whmhttps]
accept = 2087
connect = 2086
TIMEOUTclose = 0
[webmailhttps]
accept = 2096
connect = 2095
TIMEOUTclose = 0
More information about the stunnel-users
mailing list