[Dovecot] pam_start() failed: system error

[Peter Orlowski]

Hi,

I'm using dovecot 1.1.3 on FreeBSD 6.3, x86, files are on NFS, 
except control and index files, which are local, on UFS2. It's 
moderately loaded, there are usually not more than 30 clients 
simultaneously.

dovecot runs fine for 3-10 days, then people can't connect any 
more, and dovecot says:

Nov 18 13:20:44 dizzy dovecot-auth: pam_ldap: ldap_simple_bind Can't contact LDAP server
Nov 18 13:20:44 dizzy dovecot-auth: pam_ldap: reconnecting to LDAP server...
Nov 18 13:20:44 dizzy dovecot-auth: pam_ldap: ldap_simple_bind Can't contact LDAP server
Nov 18 13:20:44 dizzy dovecot-auth: pam_ldap: ldap_simple_bind Can't contact LDAP server
Nov 18 13:20:44 dizzy dovecot-auth: pam_ldap: ldap_simple_bind Can't contact LDAP server
Nov 18 13:21:46 dizzy dovecot: auth-worker(default): pam(xxxx,xxx.xxx.xxx.xxx): pam_start() failed: system error
Nov 18 13:21:46 dizzy dovecot-auth: in openpam_load_module(): no pam_permit.so found
Nov 18 13:22:12 dizzy dovecot-auth: in openpam_load_module(): no pam_login_access.so found
Nov 18 13:22:31 dizzy dovecot-auth: in openpam_load_module(): no pam_unix.so found
Nov 18 13:22:42 dizzy dovecot-auth: in openpam_load_module(): no /usr/local/lib/pam_ldap.so found

After restarting dovecot things are back to normal.

I have tried different settings for worker_max_count, 
and I had blocking=no in the passdb config
until a few day ago; changing that didn't help either.





Here's my current config:


# 1.1.3: /usr/local/etc/dovecot.conf
protocols: imaps pop3s
ssl_cert_file: /etc/ssl/certs/mailitp-chain.pem
ssl_key_file: /etc/ssl/certs/mailkey2.pem
login_dir: /var/run/dovecot/login
login_executable(default): /usr/local/libexec/dovecot/imap-login
login_executable(imap): /usr/local/libexec/dovecot/imap-login
login_executable(pop3): /usr/local/libexec/dovecot/pop3-login
verbose_proctitle: yes
first_valid_gid: 0
mail_privileged_group: mail
mail_location:
mbox:~/mail/:INDEX=/srv/dovecot/indexes/%u.oldmail:INBOX=/var/mail/%u
mail_executable(default): /usr/local/libexec/dovecot/imap
mail_executable(imap): /usr/local/libexec/dovecot/imap
mail_executable(pop3): /usr/local/libexec/dovecot/pop3
mail_plugins(default): zlib
mail_plugins(imap): zlib
mail_plugins(pop3):
mail_plugin_dir(default): /usr/local/lib/dovecot/imap
mail_plugin_dir(imap): /usr/local/lib/dovecot/imap
mail_plugin_dir(pop3): /usr/local/lib/dovecot/pop3
imap_client_workarounds(default): delay-newmail outlook-idle
netscape-eoh tb-extra-mailbox-sep
imap_client_workarounds(imap): delay-newmail outlook-idle
netscape-eoh tb-extra-mailbox-sep
imap_client_workarounds(pop3):
pop3_client_workarounds(default):
pop3_client_workarounds(imap):
pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh
namespace:
  type: private
  separator: /
  prefix: NEWmail/
  location:
maildir:~/Maildir/:INDEX=/srv/dovecot/indexes/%u:CONTROL=/srv/dovecot/control/%u
  list: yes
  subscriptions: yes
namespace:
  type: private
  separator: /
  location:
mbox:~/mail/:INBOX=/var/mail/%u:INDEX=/srv/dovecot/indexes/%u.oldmail:CONTROL=/srv/dovecot/control/%u.oldmail
  inbox: yes
  list: yes
  subscriptions: yes
auth default:
  worker_max_count: 20
  passdb:
    driver: pam
    args: blocking=yes
  userdb:
    driver: passwd


Greetings,

-- 
Peter Orlowski