[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Upgrade a mail server



On Tue, Feb 19, 2002 at 07:40:32PM +1100, Craig Sanders wrote:
> On Tue, Feb 19, 2002 at 05:51:20PM +1100, Russell Coker wrote:
> > When I configured it to use hashed indexes to /etc/passwd (this was on
> > AIX which does it much better than Linux) the load average dropped to
> > between 0.5 and 4 (depending on the time of day), CPU usage was often
> > less than 100%, and everything was responsive!
> 
> i was thinking of  hashed passwd/shadow files when i said it would scale
> up to at least 10000 users.

Well, I've done 70% of that without even sweating.  I'm sure it could
scale well above that.  (db files are -fast-... heck, INN uses a
slightly hacked variant of the db files to handle -millions- of records
quickly).

> > The problem is that the utility programs like passwd(1) aren't smart
> > enough to update the hash, and the libraries that read from the hashes
> > aren't smart enough to check the time stamps and use /etc/passwd if
> > it's more recent.  AIX does this much better.

they aren't?

Haven't looked at PAM?

#
# The PAM configuration file for the Shadow `passwd' service
#
<snip>
password   required       pam_make.so /var/lib/misc

Magic.  (You'll also need it in chsh and chfn and any other ways you
have to edit the passwd file.)

See ftp://people.redhat.com/misa/old-devel/pam/modules/pam_make-0.1.tar.gz

> i found (when i was using hashed passwd files) that the following in
> root's crontab is adequate:
> 
> 0/5 * * * cd /var/lib/misc ; make
> 
> or run it every minute if you prefer.

I run it every 15.

... and /etc/passwd and /etc/shadow are rsync'd between machines.  So
changing the password on the master will run that makefile and update
the slaves.





Reply to: