Re: Upgrade a mail server
On Tue, Feb 19, 2002 at 07:40:32PM +1100, Craig Sanders wrote:
> On Tue, Feb 19, 2002 at 05:51:20PM +1100, Russell Coker wrote:
> > When I configured it to use hashed indexes to /etc/passwd (this was on
> > AIX which does it much better than Linux) the load average dropped to
> > between 0.5 and 4 (depending on the time of day), CPU usage was often
> > less than 100%, and everything was responsive!
>
> i was thinking of hashed passwd/shadow files when i said it would scale
> up to at least 10000 users.
Well, I've done 70% of that without even sweating. I'm sure it could
scale well above that. (db files are -fast-... heck, INN uses a
slightly hacked variant of the db files to handle -millions- of records
quickly).
> > The problem is that the utility programs like passwd(1) aren't smart
> > enough to update the hash, and the libraries that read from the hashes
> > aren't smart enough to check the time stamps and use /etc/passwd if
> > it's more recent. AIX does this much better.
they aren't?
Haven't looked at PAM?
#
# The PAM configuration file for the Shadow `passwd' service
#
<snip>
password required pam_make.so /var/lib/misc
Magic. (You'll also need it in chsh and chfn and any other ways you
have to edit the passwd file.)
See ftp://people.redhat.com/misa/old-devel/pam/modules/pam_make-0.1.tar.gz
> i found (when i was using hashed passwd files) that the following in
> root's crontab is adequate:
>
> 0/5 * * * cd /var/lib/misc ; make
>
> or run it every minute if you prefer.
I run it every 15.
... and /etc/passwd and /etc/shadow are rsync'd between machines. So
changing the password on the master will run that makefile and update
the slaves.
Reply to: