The problem is, the second server receives this as the full URI; I
have to define “root” to be the base URI (/home/foo/web/foo.com) so
the /sites/something maps to it properly. Is there any way to remove
parts of the URI when passing via proxy? So the /sites/something/
isn’t needed on the upstream server?
On Mon, Sep 22, 2008 at 10:31:02PM -0700, mike wrote:
The problem is, the second server receives this as the full URI; I
have to define “root” to be the base URI (/home/foo/web/foo.com) so
the /sites/something maps to it properly. Is there any way to remove
parts of the URI when passing via proxy? So the /sites/something/
isn’t needed on the upstream server?
Yeah, I’ve tried this before too, executing rewrites before the
location block and such. I can’t really do it here - I could do it
-inside- of the location block however, if needed. This current host
supports a ton of other rewrites and it could get confusing and/or
break something if I did any more rewrites outside of the location
block!
I am receiving a strange segault in dmesg every few hours… and then
nginx orphans those connections, so after about a day there are
2000-3000 connections that are just “waiting”.
This isn’t that bad, as the server has received over 1,228,503
connections since a restart this morning, but still those orphaned
connections pile up, and I have to restart nginx to clear them.
Here is what I am receiving:
nginx[27715]: segfault at c ip 00000030d106c942 sp 00007fffcd340728
error 4 in libkrb5.so.3.3[30d1000000+9f000]
nginx[27679]: segfault at c ip 00000030d106c942 sp 00007fffcd340728
error 4 in libkrb5.so.3.3[30d1000000+9f000]
nginx[27690]: segfault at c ip 00000030d106c942 sp 00007fffcd340728
error 4 in libkrb5.so.3.3[30d1000000+9f000]
nginx[27727]: segfault at c ip 00000030d106c942 sp 00007fffcd340728
error 4 in libkrb5.so.3.3[30d1000000+9f000]
nginx[27728]: segfault at c ip 00000030d106c942 sp 00007fffcd340728
error 4 in libkrb5.so.3.3[30d1000000+9f000]
nginx[27677]: segfault at c ip 00000030d106c942 sp 00007fffcd340728
error 4 in libkrb5.so.3.3[30d1000000+9f000]
nginx[27706]: segfault at c ip 00000030d106c942 sp 00007fffcd340728
error 4 in libkrb5.so.3.3[30d1000000+9f000]
nginx[27680]: segfault at c ip 00000030d106c942 sp 00007fffcd340728
error 4 in libkrb5.so.3.3[30d1000000+9f000]
nginx[5214]: segfault at c ip 00000030d106c942 sp 00007fffcd340798 error
4 in libkrb5.so.3.3[30d1000000+9f000]
nginx[27686]: segfault at c ip 00000030d106c942 sp 00007fffcd340728
error 4 in libkrb5.so.3.3[30d1000000+9f000]
nginx[27688]: segfault at c ip 00000030d106c942 sp 00007fffcd340728
error 4 in libkrb5.so.3.3[30d1000000+9f000]
nginx[27678]: segfault at c ip 00000030d106c942 sp 00007fffcd340728
error 4 in libkrb5.so.3.3[30d1000000+9f000]
nginx[27717]: segfault at c ip 00000030d106c942 sp 00007fffcd340728
error 4 in libkrb5.so.3.3[30d1000000+9f000]
nginx[27682]: segfault at c ip 00000030d106c942 sp 00007fffcd340728
error 4 in libkrb5.so.3.3[30d1000000+9f000]
nginx[27726]: segfault at c ip 00000030d106c942 sp 00007fffcd340728
error 4 in libkrb5.so.3.3[30d1000000+9f000]
nginx[27724]: segfault at c ip 00000030d106c942 sp 00007fffcd340728
error 4 in libkrb5.so.3.3[30d1000000+9f000]
__ratelimit: 34 callbacks suppressed
nginx[27720]: segfault at c ip 00000030d106c942 sp 00007fffcd340728
error 4 in libkrb5.so.3.3[30d1000000+9f000]
nginx[22566]: segfault at c ip 00000030d106c942 sp 00007fffcd340798
error 4 in libkrb5.so.3.3[30d1000000+9f000]
nginx[27685]: segfault at c ip 00000030d106c942 sp 00007fffcd340728
error 4 in libkrb5.so.3.3[30d1000000+9f000]
nginx[22587]: segfault at c ip 00000030d106c942 sp 00007fffcd340798
error 4 in libkrb5.so.3.3[30d1000000+9f000]
nginx[27722]: segfault at c ip 00000030d106c942 sp 00007fffcd340728
error 4 in libkrb5.so.3.3[30d1000000+9f000]
nginx[27696]: segfault at c ip 00000030d106c942 sp 00007fffcd340728
error 4 in libkrb5.so.3.3[30d1000000+9f000]
nginx[27691]: segfault at c ip 00000030d106c942 sp 00007fffcd340728
error 4 in libkrb5.so.3.3[30d1000000+9f000]
nginx[27701]: segfault at c ip 00000030d106c942 sp 00007fffcd340728
error 4 in libkrb5.so.3.3[30d1000000+9f000]
nginx[23722]: segfault at c ip 00000030d106c942 sp 00007fffcd340798
error 4 in libkrb5.so.3.3[30d1000000+9f000]
nginx[22562]: segfault at c ip 00000030d106c942 sp 00007fffcd340798
error 4 in libkrb5.so.3.3[30d1000000+9f000]
nginx[27719]: segfault at c ip 00000030d106c942 sp 00007fffcd340728
error 4 in libkrb5.so.3.3[30d1000000+9f000]
nginx[22578]: segfault at c ip 00000030d106c942 sp 00007fffcd340798
error 4 in libkrb5.so.3.3[30d1000000+9f000]
nginx[22560]: segfault at c ip 00000030d106c942 sp 00007fffcd340798
error 4 in libkrb5.so.3.3[30d1000000+9f000]
I know that libkrb5 is for kerberos… I don’t think I am even using
that in my configuration. No DAV support, etc… So I don’t understand
exactly why nginx is faulting.
Please let me know what additional information I can send that would be
helpful.
On Tue, Sep 23, 2008 at 11:49:05AM -0500, Resicow wrote:
Here is what I am receiving:
error 4 in libkrb5.so.3.3[30d1000000+9f000]
nginx[27688]: segfault at c ip 00000030d106c942 sp 00007fffcd340728
error 4 in libkrb5.so.3.3[30d1000000+9f000]
error 4 in libkrb5.so.3.3[30d1000000+9f000]
nginx[27719]: segfault at c ip 00000030d106c942 sp 00007fffcd340728
Please let me know what additional information I can send that would be
helpful.
connections since a restart this morning, but still those orphaned
nginx[27727]: segfault at c ip 00000030d106c942 sp 00007fffcd340728
4 in libkrb5.so.3.3[30d1000000+9f000]
nginx[27726]: segfault at c ip 00000030d106c942 sp 00007fffcd340728
nginx[22587]: segfault at c ip 00000030d106c942 sp 00007fffcd340798
error 4 in libkrb5.so.3.3[30d1000000+9f000]
that in my configuration. No DAV support, etc… So I don’t understand
exactly why nginx is faulting.
Please let me know what additional information I can send that would be
helpful.
On Tue, Sep 23, 2008 at 12:49:42PM -0500, Resicow wrote:
Igor S. wrote:
On Tue, Sep 23, 2008 at 11:49:05AM -0500, Resicow wrote:
Hello,
I am receiving a strange segault in dmesg every few hours… and then
nginx orphans those connections, so after about a day there are
2000-3000 connections that are just “waiting”.
These orphan connections leave from segfaulted workers.
This is wrong counter statistics only. It does not actually leak
OS resources.
nginx[27690]: segfault at c ip 00000030d106c942 sp 00007fffcd340728
error 4 in libkrb5.so.3.3[30d1000000+9f000]
nginx[27682]: segfault at c ip 00000030d106c942 sp 00007fffcd340728
nginx[27685]: segfault at c ip 00000030d106c942 sp 00007fffcd340728
error 4 in libkrb5.so.3.3[30d1000000+9f000]
This isn’t that bad, as the server has received over 1,228,503
error 4 in libkrb5.so.3.3[30d1000000+9f000]
nginx[5214]: segfault at c ip 00000030d106c942 sp 00007fffcd340798 error
error 4 in libkrb5.so.3.3[30d1000000+9f000]
error 4 in libkrb5.so.3.3[30d1000000+9f000]
nginx[23722]: segfault at c ip 00000030d106c942 sp 00007fffcd340798
I know that libkrb5 is for kerberos… I don’t think I am even using
It seems that librkb5 was linked via libssl/etc. You may try to do two things:
build nginx without SSL,
build nginx without stripping debug info and allow to create coredump.
Then I can invetsigate the bug.
I’m glad that the orphaned connections do not use system resources… at
least the system won’t be taken down and run out of available
connections.
The faults are very strange, since I have a replica setup on replica
hardware, and it doesn’t produce faults. I’ll have some time in a few
days to take the system down and create a coredump, but SSL support is
required and used in my setup. Also the faults come in waves, which is
also strange.
Both servers have the same version of libkrb5 as well… so maybe there
is some client (or attacker) trying to create SSL sessions in a bad way.
Is there anyway to find out what “error 4” is in libkrb5.so.3? Should I
upgrade openssl and then rebuild?
Thanks Again,
John
This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.