Folks,
We migrated a single-server Cyrus from Solaris 9 to Solaris 10
early last week, jumping from 2.2.13 to 2.3.15 in the process.
All runs pretty well, save for a huge number of authentication
failures when the system is under less-than-trivial load.
cyrus-sasl-2.1.23 was compiled with -D_REENTRANT compiler flag
and started with '-a shadow' authentication mechanism.
When truss-ing ("tracing") one of the pop3 processes, we can
observe two scans of /etc/passwd and /etc/group
Question : at which stage would a Cyrus pop3d process need to
obtain information from the /etc/passwd and /etc/group files,
since it does not need to set euid or egid nor perform authen-
tication by its own, since that's handled by saslauthd (easily
verifiable by halting the running saslauthd, which makes all
POP and IMAP authentication attempts fail) ?
All hints very welcome,
Eric Luyten, Computing Centre VUB/ULB.
----
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
