Bug#758660: sasl2-bin: saslauthd "Memory buffer error"

Discussion:

(too old to reply)

Martin Sebald

2014-08-19 18:20:02 UTC

Package: sasl2-bin
Version: 2.1.26.dfsg1-11
Severity: important

Hi,

the saslauthd fails here on our mail server for weeks now. It seems that after
a certain amount of login (successful and tries) a limit is reached and the
daemon silently (!) fails - people cannot log into SASL-Auth anymore.

I see the following in the log:

Aug 19 19:44:41 server saslauthd[25483]: DEBUG: auth_pam: pam_authenticate
failed: Memory buffer error

After restarting everything works again until it happens again.

We use cron to restart saslauthd every hour now, the only solution at the moment.

Cheers,
Martin

--
To UNSUBSCRIBE, email to debian-bugs-dist-***@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact ***@lists.debian.org

Dan White

2014-08-20 14:50:01 UTC

Permalink

Post by Martin Sebald
Package: sasl2-bin
Version: 2.1.26.dfsg1-11
Severity: important
Hi,
the saslauthd fails here on our mail server for weeks now. It seems that after
a certain amount of login (successful and tries) a limit is reached and the
daemon silently (!) fails - people cannot log into SASL-Auth anymore.
Aug 19 19:44:41 server saslauthd[25483]: DEBUG: auth_pam: pam_authenticate
failed: Memory buffer error
After restarting everything works again until it happens again.
We use cron to restart saslauthd every hour now, the only solution at the moment.

Martin,

Please provide details of your saslauthd config, /etc/default/saslauthd
and /etc/saslauthd.conf if you have one, and a list of which pam modules
you are using.

For a likely work around for this issue, see option '-n' in the saslauthd
manpage.

Thanks,

--
Dan White
--
To UNSUBSCRIBE, email to debian-bugs-dist-***@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact ***@lists.debian.org

Martin Sebald

2014-08-20 19:00:02 UTC

Permalink

Hello Dan,

thank you for the reply. Here you are:

/etc/default/saslauthd:
START=yes
DESC="SASL Authentication Daemon"
NAME="saslauthd"
MECHANISMS="pam"
MECH_OPTIONS=""
#THREADS=5
THREADS=0
OPTIONS="-r -c -m /var/spool/postfix/var/run/saslauthd"

(I just changed threads from 5 to 0, thank you for the hint and the maybe
workaround for this problem.)

I do not have a /etc/saslauthd.conf config file.

I use pam only, do you need the config files as well?

Cheers,
Martin

--
To UNSUBSCRIBE, email to debian-bugs-dist-***@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact ***@lists.debian.org

Dan White

2014-08-20 20:10:02 UTC

Permalink

So does the work around work anyway? It seems that I not fully understand what
is going on. Anyway, if I restart saslauthd after the problem is there
everything works right away like there was never a problem.

Yes, it should, since saslauthd spawns a new process (-n 0) with each
authentication attempt. The memory gets freed when the process ends even
though there's a memory leak. You'll hide the problem at the expense of
process setup/tear down overhead.

--
Dan White
--
To UNSUBSCRIBE, email to debian-bugs-dist-***@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact ***@lists.debian.org

Martin Sebald

2014-08-21 20:40:02 UTC

Permalink

Hello Dan,

outch, this did not work. I just noticed that the server was completly out of
resources. I checked and found hundrets or better even thousands of saslauthd
threads. I had to pkill these tasks, now the server is recovering.

I put THREADS=5 back into config and restart saslauthd every hour via cron.

Strange - and bad...

Cheers,
Martin

--
To UNSUBSCRIBE, email to debian-bugs-dist-***@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact ***@lists.debian.org