sporadic "generic failure" with sasl pwcheck

Ferdinand Goldmann ferdinand.goldmann at jku.at
Mon Jun 19 08:01:12 EDT 2006

Hello there,

I am using Cyrus 2.2.12 together with SASL 2.1.21 for an installation with
several thousand users. The pwcheck daemon queries passwords which are stored
in a FreeBSD spwd.db file. From time to time, I am seeing things like this:

Jun 19 12:41:40 leia pop3[76204]: badlogin: xxx.xxx.xxx.xxx [193.171.x.x]
plaintext xxxxxxxx SASL(-1): generic failure: checkpass failed

"generic failure"? If someone types in a wrong password, the log usually reads
"authentication failure".
Logins are working fine, the generic failures just pop up sporadically. Has
anyone else witnessed such a behaviour? I suspect it might be related to high
system load, or the pwcheck daemon not answering fast enough, or the spwd.db
file being locked while it is being rebuilt during useradd operations. But I'm
a bit unsure about it.

Any ideas?

>> >> Ferdinand Goldmann                                   ////  |          |
>> >>                                                     |--00  |    UNIX  |
>> >> Tel. : +43/732/2468/9398 Fax. : +43/732/2468/9397   C   ^  |          |
>> >> EMail:  Ferdinand.Goldmann at zid.uni-linz.ac.at        \ ~/  ~~~|~~~~~~~~
>> >> PGP D4CF 8AA4 4B2A 7B88 65CA  5EDC 0A9B FA9A 13EA B993| |-----3

More information about the Cyrus-sasl mailing list