|
|
| Applications |
| Mailing Lists |
| Miscellaneous |
| Operating Systems |
| Programming |
RE: getgroup invalid argument in /var/adm/messages {SOLVED}
Date: Fri Jul 25 2003 - 10:05:12 EDT
Thanks for the help. This ended up not being a SSH problem, but a sys admin problem. Our network security is managing user accounts, and apparently their script just adds new users to the end of the group file (rather than filing them neatly within the existing group entries).
Long story short: I trimmed, by hand, the /etc/group file from 3500 lines down to 238 (I love VI :-) I left a "tail -f /var/adm/messages | grep -i sshd" running all night and it was clean this morning. So the system is happy.
Long story Longer: I know this isn't exactly SSH related, but I'll share for anyone who may not be familiar with managing large numbers of users. Example of clean way of adding users to a group file:
root::0: group1::100:user1,user2,user3,user4... (however, try to keep number of users per line from wrapping to next line) group2::101:user1,user3 group3::102:user2,user4
Dirty way of managing /etc/group (and a small example of what I found)
root::0:root group1::100: group1::100:user1 group3::102:user4 group1::100:user2,user3 group2::101:user3 group2::101:user1 group3::102:user4 group1::100:user4
This is what caused SSHd to complain as it tried to find the groups each user was within. It's also murder to look at and manage. I have a hunch users were also experiencing slowdowns upon trying to log in. I've put a call in to try and get them to change their ways before the rest of the servers start complaining.
Thanks again,
John
-----Original Message-----
From: Schubert, John [NTWK SVCS]
Sent: Thursday, July 24, 2003 3:25 PM
To: Ramin Dousti; djtech@djtech.org
Cc: secureshell@securityfocus.com
Subject: RE: getgroup invalid argument in /var/adm/messages
I believe you're right. I grep'd with the word count (provided below), and came up with 0. I decided to manually go through the file (I'm in the midst of doing it right now) and there are no instances of ssh/d.
The groups file is a means of administering user permissions to groups of files, not processes having permissions for users. However, I wasn't going to argue :-) With the exception of "mail" I don't believe any processes are normally found in /etc/group. Given the sporadic nature of the alarms, it made me believe that it was related to both users logging in and CRONjobs/scripts. With the explanation you provide, it falls in line with what I was thinking. I know in the past we've had problems with some processes due to too many groups in the /etc/group file. I believe NFS or something has a hard time with large numbers of groups in Solaris8.
As I mentioned, I'm editing by hand. So possibly tomorrow I will post a message here. I'll append the subject with <SOLVED> or some telltale.
Thanks again, this is why I love OpenSource !!! You guys are a tremendous help, and hope I can contribute something in return.
John
-----Original Message-----
From: Ramin Dousti [mailto:ramin@cannon.eng.us.uu.net]
Sent: Thursday, July 24, 2003 3:06 PM
To: djtech@djtech.org
Cc: Schubert, John [NTWK SVCS]; Ramin Dousti;
secureshell@securityfocus.com
Subject: Re: getgroup invalid argument in /var/adm/messages
I might be wrong but I don't think its a matter of "sshd" belonging to what groups. It's the user who is logging into the machine, for whom a forked sshd is running, belonging to what groups. (I hope my statement is grammatically correct ;-)
Ramin
On Thu, Jul 24, 2003 at 03:17:20PM -0400, djtech@djtech.org wrote:
> Sounds like SSH is doing its job then. To see how many groups sshd is in use
Received on Fri Jul 25 18:15:15 2003
This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:03:01 EDT
|
Contact Us Legal Notices Order Services Online Pantek Home Privacy Policy IT news Site Map Pantek Library |