We upgrade our two Red Hat 4.6 SSH (Terminal) server to RedHat5.2. Our users are stored in Active Directory. After the upgrade sometimes users login freezes (at pam session service) and the SSH process consumes 100% CPU. When I turned on SSH debug and pam_limits debug on, I see that the pam_limits process checks that is the user in a group then it hang ups. There is no problem with the other RedHat4 system. This problem is not for specific user or specific time. Sometimes happens. Here is the normal pam_limits debug log: Jun 26 15:31:18 hyperion sshd[8892]: pam_limits(sshd:session): reading settings from '/etc/security/limits.conf' Jun 26 15:31:18 hyperion sshd[8892]: pam_limits(sshd:session): checking if username is in group users2 Jun 26 15:31:19 hyperion sshd[8892]: pam_limits(sshd:session): checking if username is in group users2 Jun 26 15:31:19 hyperion sshd[8892]: pam_limits(sshd:session): checking if username is in group ila Jun 26 15:31:19 hyperion sshd[8892]: pam_limits(sshd:session): checking if username is in group ila Jun 26 15:31:19 hyperion sshd[8892]: pam_limits(sshd:session): checking if username is in group users Jun 26 15:31:19 hyperion sshd[8892]: pam_limits(sshd:session): process_limit: processing - cpu 10 for GROUP Jun 26 15:31:19 hyperion sshd[8892]: pam_limits(sshd:session): checking if username is in group users Jun 26 15:31:19 hyperion sshd[8892]: pam_limits(sshd:session): process_limit: processing soft nproc 24 for GROUP Jun 26 15:31:19 hyperion sshd[8892]: pam_limits(sshd:session): checking if username is in group users Jun 26 15:31:19 hyperion sshd[8892]: pam_limits(sshd:session): process_limit: processing hard nproc 32 for GROUP Jun 26 15:31:19 hyperion sshd[8892]: pam_limits(sshd:session): checking if username is in group users Jun 26 15:31:19 hyperion sshd[8892]: pam_limits(sshd:session): process_limit: processing - memlock 10000 for GROUP Jun 26 15:31:19 hyperion sshd[8892]: pam_limits(sshd:session): checking if username is in group users Jun 26 15:31:19 hyperion sshd[8892]: pam_limits(sshd:session): process_limit: processing - maxlogins 3 for GROUP Jun 26 15:31:19 hyperion sshd[8892]: pam_limits(sshd:session): checking logins for 'username' (maximum of 3 And here is the log for a crashed login while consuming %100CPU: Jun 26 15:13:55 hyperion sshd[8547]: pam_limits(sshd:session): reading settings from '/etc/security/limits.conf' Jun 26 15:13:55 hyperion sshd[8547]: pam_limits(sshd:session): checking if username is in group users2 Then nothing until a kill the PID 8547 This problem comes with RedHat5 so it is probably about pam_limits.so module.
I suppose the problem is rather in some nsswitch module. What is in your /etc/nsswitch.conf? Can you try to install debuginfo packages for pam, samba, glibc, openssh and try to attach a gdb to the process which is consuming 100% CPU and dump a backtrace?
Unfortunately I cannot reproduce the problem and there is not enough information in this bug report to fix it. Please contact our technical support http://www.redhat.com/support/ for issues with Red Hat Enterprise Linux.