Opened 8 years ago

Closed 8 years ago

Last modified 6 years ago

#3030 closed defect (fixed)

Log message "connection problems please raise your ulimit -n"

Reported by: pem10777 Owned by:
Priority: Medium Milestone:
Component: Core Tor/Tor Version:
Severity: Keywords: tbb linux tor-relay
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:


Linux version 2.6.35-28-generic (buildd@rothera) (gcc version 4.4.5 (Ubuntu/Linaro 4.4.4-14ubuntu5) ) #50-Ubuntu SMP Fri Mar 28 19:00:26 UTC 2011 Ubuntu 10.10

I was running Tor and I noticed the warning 991 connection problems please raise your ulimit -n so here is what worked me.

991 connection problems please raise your ulimit -n

I managed to fix this problem. To my limited knowledge this is what i came up with. There is a Soft limit and a Hard limit. To see them you type ulimit -Sa for the the soft, and ulimit -Ha to see the hard. The soft is the minimum setting of that file in this case the -n. You type ulimit -Sn to see the -n soft and -Hn to see the -n hard.
To change the settings you must first need to change the Hard file which is the maximum allowed. If not it won't let you change the soft settings because setting in the hard file is smaller than in the soft file setting which you are trying to change.
To do this you have to change the settings here.
You go to the terminal and type in sudo gedit /etc/security/limits.conf

You will see a bunch of number signs. At the bottom of the commands right before the #end file
you type in this. * hard nofile 51200 with out the # sign.
and * soft nofile 51200 right below it.

This will set the hard and the soft to 51200 or any number you want as long as its in increments or 1024.

Then you have to go to this file
In the terminal type sudo gedit /etc/pam.d/common-session
at the bottom of this file type this
session required

save the file and restart the computer.
now look at your hard file
and your soft file
the hard should have changed to 51200 as well as the soft.

This is what it looks like

# /etc/security/limits.conf
#Each line describes a limit for a user in the form:
#<domain> <type> <item> <value>
#<domain> can be:
# - an user name
# - a group name, with @group syntax
# - the wildcard *, for default entry
# - the wildcard %, can be also used with %group syntax,
# for maxlogin limit
# - NOTE: group and wildcard limits are not applied to root.
# To apply a limit to the root user, <domain> must be
# the literal username root.
#<type> can have the two values:
# - "soft" for enforcing the soft limits
# - "hard" for enforcing hard limits
#<item> can be one of the following:
# - core - limits the core file size (KB)
# - data - max data size (KB)
# - fsize - maximum filesize (KB)
# - memlock - max locked-in-memory address space (KB)
# - nofile - max number of open files
# - rss - max resident set size (KB)
# - stack - max stack size (KB)
# - cpu - max CPU time (MIN)
# - nproc - max number of processes
# - as - address space limit (KB)
# - maxlogins - max number of logins for this user
# - maxsyslogins - max number of logins on the system
# - priority - the priority to run user process with
# - locks - max number of file locks the user can hold
# - sigpending - max number of pending signals
# - msgqueue - max memory used by POSIX message queues (bytes)
# - nice - max nice priority allowed to raise to values: [-20, 19]
# - rtprio - max realtime priority
# - chroot - change root to directory (Debian-specific)
#<domain> <type> <item> <value>
#* soft core 0
#root hard core 100000
#* hard rss 10000
#@student hard nproc 20
#@faculty soft nproc 20
#@faculty hard nproc 50
#ftp hard nproc 0
#ftp - chroot /ftp
#@student - maxlogins 4

  • hard nofile 51200 <---sets the hard
  • soft nofile 51200 <---sets the soft

# End of file

the other file looks like this

# /etc/pam.d/common-session - session-related modules common to all services
# This file is included from other service-specific PAM config files,
# and should contain a list of modules that define tasks to be performed
# at the start and end of sessions of *any* kind (both interactive and
# non-interactive).
# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
# To take advantage of this, it is recommended that you configure any
# local modules either before or after the default block, and use
# pam-auth-update to manage selection of other modules. See
# pam-auth-update(8) for details.

# here are the per-package modules (the "Primary" block)
session [default=1]
# here's the fallback if no module succeeds
session requisite
# prime the stack with a positive return value if there isn't one already;
# this avoids us returning an error just because nothing sets a success code
# since the modules above will each just jump around
session required
# and here are more per-package modules (the "Additional" block)
session required
session optional nox11
# end of pam-auth-update config

session required <---add here

I got most of this from this link and I played with it
till I got it to work.

Worked For me Hope it will work for you.
Next Task
Warning: eventdns: All nameserver have failed

Child Tickets

Change History (10)

comment:1 Changed 8 years ago by mikeperry

Keywords: 991 connection problems please raise your ulimit -n removed
Resolution: fixed
Status: newclosed

comment:2 Changed 8 years ago by mikeperry

Summary: 991 connection problems please raise your ulimit -nLog message "connection problems please raise your ulimit -n"

comment:3 Changed 8 years ago by arma

See also item 14 at

I wonder if we should make those instructions more obvious for relay operators. (On the other hand, most relay operators use a Tor package that automatically raises their ulimit -n.)

comment:4 Changed 7 years ago by karsten

Keywords: tbb linux added
Milestone: Tor Browser Bundle for Linux

comment:5 Changed 6 years ago by nickm

Keywords: tor-relay added

comment:6 Changed 6 years ago by nickm

Component: Tor RelayTor

comment:7 Changed 6 years ago by keb

Should this be added to the
I use the alpha or rc versions and always compile from source ball.
(Havent seen this problem in a year of running a relay but it just happened with )

comment:8 Changed 6 years ago by arma

I specifically stripped out all of this stuff when I made the tor-relay-debian page. That's because the deb does it all for you, and having all the extra stuff on the page made people not read the stuff they *do* need to read.

How about adding a line to the tor-relay-debian page explaining that it's really important to use the deb, since it changes your ulimit, makes a new user, starts on boot, etc. And then maybe we could link to a wiki page that explains what super-expert users are going to need to do to run a relay manually?

comment:9 Changed 6 years ago by keb

I am not a super-expert so if the .deb is generated quickly after the tarball nowadays i am happy to use that instead. Recommendation above suits me.

(Installed it and copied my keys in, works great, looking forward to less maintenance overhead.)

comment:10 Changed 6 years ago by arma

I just made #9390 based on these discussions.

Note: See TracTickets for help on using tickets.