Re: cron + ldap = disaster?
Natxo Asenjo wrote:
> I have successfully deployed a single sign on solution with openldap, it
> works great. But, there is a little problem with cron. Everytime one of
> the users' or system's crontab changes, cron stops working. The number
> of cron processes skyrockets (within minutes you see it going from 1 to
> hundreds) and the overall response of the server is badly hit.
> I have a solution, which works but it is not really convenient. First I
> check the number of cron processes:
> # pgrep cron
> if that is lower than 3/4 (which could happen if several cron jobs run
> at the same time for different users) I do nothing. Otherwise,
> # killall cron
> # /etc/init.d/cron start
> # /etc/init.d/slapd restart
> and all is fine until someone changes his/her crontab.
> I found in google that red hat had this issue too in 2000, but it is
> fixed a long time ago:
> Unfortunately I am not a coder :(. It would be sad though if people
> would stop using debian in a company environenment because of this poblem.
> Ok, that was it.
> J.I. Asenjo
We use openldap with libnss-ldap and pam-ldap and do not have this
problem with cron jobs, servers are running woody and sarge without
problems. If you are on woody still, check out the openldap and libnss