severe useradd problem
Hi out there, need help - urgent :-) I have a curious problem addin a new user to my Suse 9.0 system which should absolutely NOT happen!!! Perhaps other Systems may have the same Problems... good luck its the first in my farm showing it up. Heres a description: Doing it via useradd the system CPU and RAM bloats up. cancelling with ctrl-c does not work. killing via killal doesnt work too. I checked the consistency with rpm -V shadow...seems ok. I reinstalled the shadow-rpm from the dvd just to be sure its not manipulated. I straced it, but it only shows me a readonly-access to /etc/passwd which looks like a loop: open("/etc/passwd", O_RDONLY) = 4 fcntl64(4, F_GETFD) = 0 fcntl64(4, F_SETFD, FD_CLOEXEC) = 0 _llseek(4, 0, [0], SEEK_CUR) = 0 fstat64(4, {st_mode=S_IFREG|0644, st_size=25473, ...}) = 0 mmap2(NULL, 25473, PROT_READ, MAP_SHARED, 4, 0) = 0x40602000 _llseek(4, 25473, [25473], SEEK_SET) = 0 fstat64(4, {st_mode=S_IFREG|0644, st_size=25473, ...}) = 0 munmap(0x40602000, 25473) = 0 close(4) = 0 mremap(0x4037f000, 2633728, 2637824, MREMAP_MAYMOVE) = 0x4037f000 ... ... the top values are as follows: 24680 root 15 0 66888 65m 1028 R 99.0 26.2 1:03.69 /usr/sbin/useradd holge3 after a less then a minute later 24680 root 17 0 102m 102m 1016 R 98.7 41.2 1:40.85 /usr/sbin/useradd holge3 Has anyone made the same Experience sometime? I have to admit the /etc/passwd and /etc/shadow are very bloated. But i backuped and emptied them just to see if the files are corrupt in some way --- no effect. Has anyone a clue ? Need more info...tell me, i dont know what more to offer here at first. Greets, Holger
Hello Holger,
On Thu, 21 Jul 2005, iS-Fun Internet Services GmbH, Holger Diehm wrote:
Date: Thu, 21 Jul 2005 13:30:06 +0200 From: "iS-Fun Internet Services GmbH, Holger Diehm"
To: suse-security@suse.com Subject: [suse-security] severe useradd problem Hi out there,
need help - urgent :-)
I have a curious problem addin a new user to my Suse 9.0 system which should absolutely NOT happen!!!
Doing it via useradd the system CPU and RAM bloats up. cancelling with ctrl-c does not work. killing via killal doesnt work too.
--> Just a thought: have you tried adding a user with YaST ? Cheers, Armin -- Am Hasenberg 26 office: Institut für Atmosphärenphysik D-18209 Bad Doberan Schloss-Straße 6 Tel. ++49-(0)38203/42137 D-18225 Kühlungsborn / GERMANY Email: schoech@iap-kborn.de Tel. +49-(0)38293-68-102 WWW: http://armins.cjb.net/ Fax. +49-(0)38293-68-50
Hello Armin,
--> Just a thought: have you tried adding a user with YaST ?
is not really a way to go for me so i didnt try that yet.I am adding users via scripting. I just came back from the doctor and will try tomorrow. I found out, that when I delete the last user I created with userdel and then add the user again...it works. But only for that one time. Deleting unneeded users doesnt help me either. Could there be a limitation for an amount of users being added to certain groups? I think it could be some prob with the /etc/group file...but thats simply a guess yet. I hope i get closer to my Prob tomorrow... Further suggestions are welcome :-) Holger
Hello there, solved it for my purposes :-) but I haven't found a reason why it happened. Decription: I found out, that i forgot to clear the file /etc/default/useradd. Due to this the following line seemed to do make the problems in there: GROUPS=dialout,uucp,video,audio So users were added to these secondary groups as well. I removed this line and everything worked fine again. No file seems to be corrupt. After that to make it complete in removed all users accidently added to that groups - they shouldn't have been int these groups anyway - silly me. Still I wonder why that silly thing occured to me. Seems there ist some kind of limit for a line in /etc/group... or something else similar. the line of each group ind /etc/group was filled with approx. 400 users - just in case anyone wants to check IF theres really some kinda limit. I dont want to make any further tests...this was enough action for today :-) Anyway, thanks for allyour thoughts :-) Holger
Holger Diehm iS-Fun Internet Services GmbH wrote on Thu, 21 Jul 2005 13:30:06 +0200:
Doing it via useradd the system CPU and RAM bloats up. cancelling with ctrl-c does not work. killing via killal doesnt work too.
I reported a similar problem years ago to Suse. Your strace looks quite a bit like this. If I remember it right, it were certain programs (most notably ipop3d) that showed this behavior after the system hit a certain number of users (70 or so). I don't remember if useradd itself was behaving the same, but it was the ultimate cause of the problem. It happens because Suse 9.0 (and later?) adds new users to some groups by default (audio, video, uucp or so). After a while the line for these groups in /etc/group gets so long that it doesn't seem to fit in a buffer used by a library these programs use. They grab more and more memory while trying to cope with the situation. If you are fast enough you can kill the process, otherwise the machine ultimately gets killed. The problem does not occur when nscd is running. In that case these applications seem to "outsource" the authentication process and thus the problem is avoided. Besides using nscd it can also be cured by removing that insanely long user line from /etc/group and telling useradd to not add users to these groups automatically (/etc/default/useradd ? or so, I don't remember exactly). Kai -- Kai Schätzl, Berlin, Germany Get your web at Conactive Internet Services: http://www.conactive.com IE-Center: http://ie5.de & http://msie.winware.org
participants (3)
-
Armin Schoech
-
iS-Fun Internet Services GmbH, Holger Diehm
-
Kai Schaetzl