On 10/11/12 13:17 +0200, Tobias Kirchhofer wrote:
Hello list,
my setup is Ubuntu 12.04, postfix, cyrus, cyrus-sasl and pam-mysql
using standard dist-packages. MySQL is on another server on the same
machine in a openvz container.
After around 3 days sasl starts with erratic behaviour. Sometimes
authentification works, sometimes not. All of a sudden. I tried
tessaslauthd from console with success, next time with an error.
root@mail:~# testsaslauthd -u user@xxxxxxxxxxx -p XXX -f
/var/spool/postfix/var/run/saslauthd/mux
0: NO "authentication failed"
root@mail:~# testsaslauthd -u user@xxxxxxxxxxx -p XXX -f
/var/spool/postfix/var/run/saslauthd/mux
0: OK "Success."
Restart of saslauthd daemon fixes everything until around 3 days when
the misbehaviour starts again.
That could be a file descriptor (open socket) leak. Compare the output
of 'netstat -anp' between the two situations.
I observed everything carefully with all relevant debugging options
but no real insights. Below you find some strace from the saslauthd.
First part is not working, second part works.
Does someone has an idea to solve or give me a hint what else i could
do to trace down the problem?
Try starting saslauthd with '-n 0' which will cause saslauthd to fork a
new process for each connection. You might also be able to mask the problem
to some extent by enabling caching with '-c'.
Check the upstream changelog from the pam-mysql maintainer to see if this
is a known issue.
26722 sendto(8, "\"0\1\0\0\1\0\0\0\0\0\0\5mysql\f<cut>\3"...,
You might have revealed a substring of your password to the mailing list
here.
--
Dan White