I fixed this now, but I could find virtually no documentation about it
online, so I'm writing this email to document what surely must be a
common problem ...
I wanted to enable HTTP/2 support in Apache on Fedora 38.
I followed the documentation here which worked [although it's way more
complicated than it needs to be, why isn't HTTP/2 the default out of
the box?]
https://httpd.apache.org/docs/2.4/howto/http2.html
Anyway the problem I had was that the server worked fine provided
there were not too many clients (and by "too many" I mean a simple
load test with 4-16 clients failed). Apache randomly threw 403
Forbidden errors, but with less load it gave a normal (2xx) response.
The first problem is the error is misleading:
[Wed Feb 22 13:24:52.013780 2023] [core:error] [pid 3047850:tid 3047899] (24)Too many
open files: [remote 192.168.0.139:53738] AH00132: file permissions deny server access:
/var/www/html/[filename]
If you concentrate on the second part "file permissions deny server
access" -- as I did -- then you'll be looking at file permissions,
SELinux, restorecon, ausearch etc. That's a red herring, there is no
permissions problem.
The real error is the first part "Too many open files".
It turns out that the default open file limit (1024!) is too low. To
change this and fix the problem:
# systemctl edit httpd
This creates an "override" file to which you should add (or you could
just create this file directly):
# cat /etc/systemd/system/httpd.service.d/override.conf
[Service]
LimitNOFILE=65536
and then restart Apache for the change to take effect.
Why on earth Apache needs > 1024 open files to serve a dozen clients
is not clear at all.
Rich.
--
Richard Jones, Virtualization Group, Red Hat
http://people.redhat.com/~rjones
Read my programming and virtualization blog:
http://rwmj.wordpress.com
virt-top is 'top' for virtual machines. Tiny program with many
powerful monitoring features, net stats, disk stats, logging, etc.
http://people.redhat.com/~rjones/virt-top