archive.info-cyrus - 49311
[ Next in Sequence | Previous in Sequence | Threaded Index | List Index | Top of Thread Index | Top of List Index ]
 
Msg #49311 Previous in Sequence Next in Sequence
DateTue, 6 Oct 2009 16:19:59 +0200 (CEST)
Toinfo-cyrus@lists.andrew.cmu.edu
FromEric Luyten <Eric.Luyten@vub.ac.be>
Reply-To:Eric Luyten <Eric.Luyten@vub.ac.be>
SubjectNeed for pop3d processes on Solaris 10 to scan /etc/passwd and /etc/group, twice ?
Folks,


We migrated a single-server Cyrus from Solaris 9 to Solaris 10
early last week, jumping from 2.2.13 to 2.3.15 in the process.

All runs pretty well, save for a huge number of authentication
failures when the system is under less-than-trivial load.

cyrus-sasl-2.1.23 was compiled with -D_REENTRANT compiler flag
and started with '-a shadow' authentication mechanism.

When truss-ing ("tracing") one of the pop3 processes, we can
observe two scans of /etc/passwd and /etc/group

Question : at which stage would a Cyrus pop3d process need to
obtain information from the /etc/passwd and /etc/group files,
since it does not need to set euid or egid nor perform authen-
tication by its own, since that's handled by saslauthd (easily
verifiable by halting the running saslauthd, which makes all
POP and IMAP authentication attempts fail) ?


All hints very welcome,

Eric Luyten, Computing Centre VUB/ULB.

----
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
[ Next in Sequence | Previous in Sequence | Threaded Index | List Index | Top of Thread Index | Top of List Index ]