[BlueOnyx:18664] Re: attn. Michael PAM_ABL error after repair.

[Michael Stauber]

Hi Gustavo,

> just started experiencing the same issue on a 5208R after last update.
> It doesnt seem to break anything, just the logging thats curious:

In any case this is a bit beyond my control. Pam_abl creates and uses
DB3 databases to store the connection attempts and actions it takes. On
every CCEd restart, during a daily cronjob run and during each reboot we
wipe that database and let pam_abl recreate it from scratch.

Pam_abl does use file locking during access to the databases to prevent
that it gets corrupted. But the nature of things is really that this can
still happen when many simultaneous logins happen over different
services at the same time.

The good part is that this then has no negative impact. It doesn't mess
up authentication. It just means that as long as the pam_abl database is
corrupted it'll not provide any protection.

When your logs indicate a corruption of the pam_abl database you can
"fix" it yourself running "/sbin/service pam_abl restart". Other than
that? We're running the latest version of pam_abl with the recommended
configuration. So there is little I can do to make it behave better.
What I can say is that I didn't yet witness any database corruption
myself, but it's bound to happen due to the nature of how it works.

-- 
With best regards

Michael Stauber