From: Peter Hessler (no email)
Date: Thu Jul 01 2004 - 13:54:04 EDT
Generate /etc/passwd.tmp and /etc/shadow.tmp, then mv those files to
the correct place. That would make the race condition much harder to
trigger.
PAM asking mysql for auth is a much better solution, but the .tmp
files is much easier to implement (for now).
On Thu, 1 Jul 2004 13:56:03 -0400, Josh Marcus <> wrote:
>
> I was wondering if I could get advice on an issue I'm having.
>
> Very occasionally, on a system I administrate, I'm getting unknown user
> errors for incoming mail which should be accepted. My best guess is
> that this happening because of a less than ideal authentication scheme.
> Flat /etc/passwd and shadow files are generated from a MySQL database,
> and then copied into place after verification. My guess is that, under
> high load, there is a moment where postfix is checking a user while the
> file is being copied into place.
>
|
|
|