From 139d7a57a0c45e55fd13166eb173aec84b48af9f Mon Sep 17 00:00:00 2001
From: Earlopain <14981592+Earlopain@users.noreply.github.com>
Date: Mon, 11 Dec 2023 17:53:16 +0100
Subject: [PATCH 1/3] Guard against high `ulimit -n` when starting vnc

Recent versions of docker in combination with the upstream systemd
unit files pass an incredibly high `ulimit -n` to the docker container, up
to 1 billion. That causes minute high delays and CPU spinning when
connecting to VNC while it enumerates all the file descriptors.

See #2045
---
 NodeBase/start-vnc.sh | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/NodeBase/start-vnc.sh b/NodeBase/start-vnc.sh
index 345ac94e9f..a051926237 100755
--- a/NodeBase/start-vnc.sh
+++ b/NodeBase/start-vnc.sh
@@ -44,6 +44,17 @@ if [ "${START_XVFB:-$SE_START_XVFB}" = true ] ; then
       echo "Waiting for Xvfb..."
     done
 
+    # Guard against unreasonably high nofile limits. See https://github.com/SeleniumHQ/docker-selenium/issues/2045
+    if [[ $(ulimit -n) -gt 200000 ]]; then
+      echo "Trying to lower the open file descriptor limit from $(ulimit -n) to 65536."
+      ulimit -n 65536
+      if [ $? -eq 0 ]; then
+        echo "Successfully lowered the open file descriptor limit."
+      else
+        echo "Failed to lower the open file descriptor limit. This can result in delays when connecting to VNC."
+      fi
+    fi
+
     x11vnc ${X11VNC_OPTS} -forever -shared -rfbport ${VNC_PORT:-$SE_VNC_PORT} -rfbportv6 ${VNC_PORT:-$SE_VNC_PORT} -display ${DISPLAY}
   else
     echo "VNC won't start because SE_START_VNC is false."

From d33a3bad32c9f200329881df22b700a2d15909c7 Mon Sep 17 00:00:00 2001
From: Earlopain <14981592+Earlopain@users.noreply.github.com>
Date: Mon, 11 Dec 2023 18:24:12 +0100
Subject: [PATCH 2/3] Update failure message

---
 NodeBase/start-vnc.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/NodeBase/start-vnc.sh b/NodeBase/start-vnc.sh
index a051926237..5999000d1c 100755
--- a/NodeBase/start-vnc.sh
+++ b/NodeBase/start-vnc.sh
@@ -51,7 +51,7 @@ if [ "${START_XVFB:-$SE_START_XVFB}" = true ] ; then
       if [ $? -eq 0 ]; then
         echo "Successfully lowered the open file descriptor limit."
       else
-        echo "Failed to lower the open file descriptor limit. This can result in delays when connecting to VNC."
+        echo "The open file descriptor limit could not be updated. This can result in delays when connecting to VNC."
       fi
     fi
 

From 32aac52ac3ca5dc10878dfa45f8861a2a8a06456 Mon Sep 17 00:00:00 2001
From: Earlopain <14981592+Earlopain@users.noreply.github.com>
Date: Mon, 11 Dec 2023 18:40:37 +0100
Subject: [PATCH 3/3] Allow the ulimit to be configurable by env

---
 NodeBase/start-vnc.sh | 10 +++++-----
 README.md             |  2 ++
 2 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/NodeBase/start-vnc.sh b/NodeBase/start-vnc.sh
index 5999000d1c..b5cfe34595 100755
--- a/NodeBase/start-vnc.sh
+++ b/NodeBase/start-vnc.sh
@@ -45,13 +45,13 @@ if [ "${START_XVFB:-$SE_START_XVFB}" = true ] ; then
     done
 
     # Guard against unreasonably high nofile limits. See https://github.com/SeleniumHQ/docker-selenium/issues/2045
-    if [[ $(ulimit -n) -gt 200000 ]]; then
-      echo "Trying to lower the open file descriptor limit from $(ulimit -n) to 65536."
-      ulimit -n 65536
+    if [[ $(ulimit -n) -gt 200000 || ! -z "${SE_VNC_ULIMIT}" ]]; then
+      echo "Trying to update the open file descriptor limit from $(ulimit -n) to ${SE_VNC_ULIMIT:-65536}."
+      ulimit -n ${SE_VNC_ULIMIT:-65536}
       if [ $? -eq 0 ]; then
-        echo "Successfully lowered the open file descriptor limit."
+        echo "Successfully update the open file descriptor limit."
       else
-        echo "The open file descriptor limit could not be updated. This can result in delays when connecting to VNC."
+        echo "The open file descriptor limit could not be updated."
       fi
     fi
 
diff --git a/README.md b/README.md
index 95b69c656a..8a92ce5331 100644
--- a/README.md
+++ b/README.md
@@ -1169,6 +1169,8 @@ If you want to run VNC without password authentication you can set the environme
 
 If you want to run VNC in view-only mode you can set the environment variable `SE_VNC_VIEW_ONLY=1`.
 
+If you want to modify the open file descriptor limit for the VNC server process you can set the environment variable `SE_VNC_ULIMIT=4096`.
+
 ### Using your browser (no VNC client is needed)
 
 This project uses [noVNC](https://github.com/novnc/noVNC) to allow users to inspect visually container activity with