TODO: Add comment about max files open.

author: Jonas Smedegaard <dr@jones.dk> 2002-03-14 14:19:08 +0000
committer: Jonas Smedegaard <dr@jones.dk> 2002-03-14 14:19:08 +0000
commit: 310995493a17a40ae92c6fb92f3dbc0127818df6 (patch)
tree: 53fb060ca5cfb1851e0d3a53b924d49d35b5b305 /TODO
parent: 56d8b5320180934b33403009412099c4c74cc5be (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/TODO b/TODO
index b734fa2..b2a7557 100644
--- a/TODO
+++ b/TODO
@@ -6,6 +6,11 @@ Add squid support: Search /etc/squid.conf for "YOUR OWN RULE" and add "acl local
 Add integrit support: Remove all relevant comments in /etc/integrit/integrit.conf and "# ! " in /etc/cron.daily.integrit.
 Implement meta-hints about filesharing: ftp should use "-l" and "~ users" when default users are dummy users. And the local user-init, adduser.local and deluser.local should be generic.
 Figure out if bind or bind9 is installed as nameserver (currently both are reloaded, which is non-optimal and _can_ lead to errors)
+Calibrate max open files based on available memory (as suggested at http://www.linuxdoc.org/LDP/solrhe/Securing-Optimizing-Linux-RH-Edition-v1.3/chap6sec72.html and http://www.xenoclast.org/doc/benchmark/HTTP-benchmarking-HOWTO/node7.html):
+	FILEMAX = (INSTALLED_RAM*256)/4
+	/etc/sysctl.conf: fs.file-max = FILEMAX
+	/etc/security/limits.conf: * soft nofile 1024
+	/etc/security/limits.conf: * hard nofile FILEMAX
 
 Xenux: 
 ------
author	Jonas Smedegaard <dr@jones.dk>	2002-03-14 14:19:08 +0000
committer	Jonas Smedegaard <dr@jones.dk>	2002-03-14 14:19:08 +0000
commit	310995493a17a40ae92c6fb92f3dbc0127818df6 (patch)
tree	53fb060ca5cfb1851e0d3a53b924d49d35b5b305 /TODO
parent	56d8b5320180934b33403009412099c4c74cc5be (diff)