Status: New
Owner: ----
Labels: Type-Defect Priority-Medium
New issue 231 by [email protected]: SASL authentication not working on
reboot
http://code.google.com/p/memcached/issues/detail?id=231
What steps will reproduce the problem?
1. Update RPM spec with SASL enabled (configure option --enable-sasl),
build and install RPM.
2. Add "-S" to OPTIONS in /etc/sysconfig/memcached to require SASL.
3. Set up SASL user by running "sudo /usr/sbin/saslpasswd2 -a memcached -p
memcacheduser".
4. Make Memcached start on boot by running "sudo /sbin/chkconfig memcached
on".
5. Reboot.
6. Try to authenticate and see that it fails.
7. Now restart Memcached "sudo /sbin/service memcached restart".
8. Try to authenticate and see that it succeeds.
What is the expected output? What do you see instead?
Authentication should succeed at step 6 just like it succeeded at step 8.
The problem appears to be that the Memcached process cannot read the file
/etc/sasldb2 when started automatically on boot, but it can when it is
started manually via the init script.
Note that Memcached is told to change users to "nobody" in both cases:
memcached -d -p 11211 -u nobody -m 64 -c 1024 -P
/var/run/memcached/memcached.pid -S
What version of the product are you using? On what operating system?
Fedora 11 64-bit.
Please provide any additional information below.
If I change the permissions on /etc/sasldb2 so that "nobody" can read it,
Memcached can authenticate with the SASL user.
What's not clear is why it does not work if Memcached is started on boot,
but it does work if it's started manually via the same init.d script. Is
it that under some circumstances Memcached will not trigger the SASL code
that reads sasldb2 until after dropping to the nobody user?
How can I force it to do that before dropping to the nobody user at all
times?
