Environment
Novell Access Manager 3.1 Linux Access Gateway
Novell Access Manager 3.1 Support Pack 3 applied
Novell Access Manager 3.1 Support Pack 3 applied
Situation
Access Manager installed and working fine - all Linux Access Gateway (LAG) protected resources are available after users authenticate with the Identity (IDP) Server. However, after a few days the LAG generates an alert that the system has restarted when alerting enabled on the LAG. Looking more closely at the LAG ics_dyn log file (/var/log/ directory), one can see that the LAG restarted and that there were SCACHE memory alloc errors displayed just prior to the restart.
At the same time as the LAG restart, the following error was reported in the /var/log/messages file:
"kernel: Out of socket memory"
At the same time as the LAG restart, the following error was reported in the /var/log/messages file:
"kernel: Out of socket memory"
Resolution
Enable the following touch files and restart the LAG. Make sure that the LAG is patched to min 3.1 SP3 IR2
# touch /var/novell/.releaseclosewait
# touch /var/novell/.fixCloseWait
# touch /var/novell/.releasetimedoutbrowserconn
# /etc/init.d/novell-vmc stop
# rm /var/novell/.~newInstall
# /etc/init.d/novell-vmc start
The touch files will run a thread going through all TCP connections in the CLOSE_WAIT state for a period of time, before resetting them and cleaning up resources.
# touch /var/novell/.releaseclosewait
# touch /var/novell/.fixCloseWait
# touch /var/novell/.releasetimedoutbrowserconn
# /etc/init.d/novell-vmc stop
# rm /var/novell/.~newInstall
# /etc/init.d/novell-vmc start
The touch files will run a thread going through all TCP connections in the CLOSE_WAIT state for a period of time, before resetting them and cleaning up resources.