General
cancel
Showing results for 
Search instead for 
Did you mean: 

Size of passwd file and password errors

Size of passwd file and password errors

Hi all:
i create accounts via a perl script which has worked fine for years. Over the last few weeks I have had a lot of complaints about mis-set passwords. Since we are a college and the powers that be have deemed never to delete alum accounts I have quite a bit in my passwd file. I have run pwck and pwconv to make sure everything is in place, but I think as this file is approaching about 8000 lines it is getting too big for the script.
The server is a 1.3 gig HP ML350 with 2 gig of ram.
Any thoughts.

thanks
Chris S
3 REPLIES
Steven E. Protter
Exalted Contributor

Re: Size of passwd file and password errors

My thought?

The policy needs to be change.

This is a horrendous security problem that can lead to the system being compromised and being used to relay spam.

Surely the liability concerns are enough to convince the powers that be that accounts need to expire and eventually be deteted.

There are practical limits on how many accounts an OS can handle. This may be a techical concern based on the size of your institution.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Stuart Browne
Honored Contributor

Re: Size of passwd file and password errors

Given the sheer number of accounts, and the policy not to remove alnumi, I think it would be best to start looking at alternate means of storing the userbase, whether that be using ldap, samba or something ompletely different.

That being said, I wouldn't think that a Linux box (or any Unix for that matter) would really have a problem with so many users in a passwd file. You've not really said what the issue is either. Is it just your script adding users as the issue? Or is the authentication time gradually increasing?

If the latter, have you looked at things like 'nscd' to cache such details to reduce the access required to '/etc/passwd' etc. ?

If it is just the perl routine, then that's truely odd. I've not heard of a well written perl routine having an issue with only 8000 records..
One long-haired git at your service...
Gopi Sekar
Honored Contributor

Re: Size of passwd file and password errors


There are two issues in this:

* Firts the user list is too huge (8000 lines in passwd file), this may create other problems and security issues. Better to use LDAP as stuart mentioned.

* I have been using perl for years and never faced issue of big file size (except that the script will take more time to complete). Why don't you post your script here so that users can take a look at it and find out the if there are any issues.

Regards,
Gopi
Never Never Never Giveup