I recently upgraded one of my main servers from RedHat 4.0 to 5.0. I have also applied all of the errata updates. Executing 'rpm -Va' indicates that everything installed properly (no missing dependencies, etc.). However, logins at the console are extremely slow and CPU-intensive, su segfaults, and telnet connections fail after the correct login and password are entered.
So far, I've traced the problem down to PAM and the /etc/groups file. If I login as root (on tty1), it takes a few extra seconds to get a prompt, but then everything seems normal. However, if I login as myself (on tty1), it not only takes a few extra seconds to get a prompt, but my GIDs to not resolve properly (e.g. executing 'ls -la' displays the GID rather than the associated name), particularly files which are chowned myself.myself.
This system hosts over 3,800 user accounts in the same group and therefore there is a line in /etc/groups which is nearly 28,000 characters in length. If I arbitrarily cut this line down to 677 characters, the problems all go away. Logins are snappy again, GIDs resolve to groupnames properly, and I can telnet in again. Add a 678th character and BOOM...slow, goofy, and no logins via telnet.
I've tried using a different /bin/login (which also uses PAM) as well as other shells. These changes do not fix the problem. I don't use shadowed passwords (yet) and my /etc/pam.d/login entries seem fine to me.
I'm adding 15-20 new accounts to this system each day, and leaving them out of the /etc/group file for any length of time is not an acceptable solution. HELP! (please...now...thanks).
Still awake after 36 hours,
Kevin J. Sawyer - President/CEO - firstname.lastname@example.org
Applied Personal Computing, Inc. - APCiNet - http://www.apci.net/
6001 Old Collinsville Road, Building #3, Fairview Heights, IL 62208
Office: (618) 632-7282 FAX: (618) 632-7282 Support: (618) 628-2NET