On Mon, 9 Feb 2004, Matthew baker wrote:
> Hi,
> Thanks for the reply.
>
> Rob Siemborski wrote:
> > On Sat, 7 Feb 2004, Matthew Baker wrote:
> >
> > If you are using PAM with saslauthd, you need to be very sure that
> > whatever PAM module you are using doesn't have any memory leaks, otherwise
> > you'll become very sad very quickly.
> >
>
> pam_mysql 0.4.7 which has been patched to allow for crypt passwords and
> md5 hashes. My previous server had both types stored. I suppose one
> would be to move to a more stable (newer) version of pam_mysql. However,
> my patch only seems to work with this version. I do remember trying
> version 0.5 with not much luck. I have a spare box I'm going to retry with.
>
> If I could convert the md5 hashed passwords to crypt ones I may be able
> to get around it. This is another reason I hesitant to move to auxprop.
> Needs a little more research. Any tips on how to tell if there are
> memory leaks in pam_mysql?
I've been running with -n0 on saslauthd for the last 6 months with no
performance problems. I am using a combination of pam_unix and pam_ldap
with Cyrus, and saslauthd was growing in size fairly quickly. So let me
say that pam_mysql is not the only pam module that seems to leak memory.
Perhaps it is a problem with libpam itself?
Anyways, it sounds like using the mysql auxprop plugin might be the way to
go. I'd use the ldap auxprop plugin myself, but I need to authenticate
from two different sources.
Andy
---
Home Page: http://asg.web.cmu.edu/cyrus
Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
