Saslauthd memory leak ?

Igor Brezac igor at ipass.net
Tue Oct 18 11:26:20 EDT 2005


On Tue, 18 Oct 2005, Yann Rouillard wrote:

>> Why do you need ipc_doors?
>
> Well according to the install.html file:
>
>  9. Also if you are using saslauthd, what communication (IPC) method do
> you want to use? On most systems, the correct answer is the default
> (unix sockets), but on Solaris you can use IPC doors, which
>       have proven to be more stable than equivilant Solaris systems
> using unix sockets.

cmu developed ipc_doors because of solaris performance issues with unix 
domain sockets.  I think you had to exceed 5 authentications per second 
sustained in order to hit this problem.  Keep in mind this was the case 
pre Solaris 9 and possibly before with much slower hardware.  I've never 
hit this bug with Solaris 9 and above and I ran tests with 50 
authentications+ per second sustained with multiple clients querying 
saslauthd.

> So I thought ipc doors was a more sensible choice.

cmu uses ipc doors with kerberos, so I am not sure how stable other mechs 
are.

> But see my other message, I had also some performance problem with it.
>
>> Make sure you built saslauthd with -D_REENTRANT, otherwise your current
>> config will have problems.  For ipc_doors you need the mechanisms to be
>> thread-safe and I do not think pam qualifies completely.
>
> Ok, you're right. Thanks for your answers.
>
>>>
>>> I think it would be nice to mention in the man or somewhere in the doc.
>>>
>>
>> What would you like mentioned?  You can always submit a patch.
>>
>
> Patch attached.
>

-- 
Igor


More information about the Cyrus-sasl mailing list