On Thu, 2010-02-18 at 12:47 -0600, Stan Hoeppner wrote:
Are you using passwd/pam combination? The second process is "auth worker", which does blocking passdb/userdb lookups. The v1.0 behavior was causing bugs.
Yep: auth default: worker_max_count: 1 process_size: 16 passdb: driver: pam userdb: driver: passwd
If this is what the worker does, what does the "master" do?
With v1.0 each PAM lookup caused dovecot-auth to fork a new process, which then did the PAM stuff and then exited. With v1.1+ the auth worker process does this so that there's no need for the forking (that caused problems with some nss/pam combinations).
So dovecot-auth master gets the actual auth requests and starts handling them. When it needs to do a blocking passdb/userdb lookup, it connects to auth worker, which then does the actual (potentially long running) lookup. If you've enough load, more auth worker processes are created as necessary.
Hmm. You could try setting auth_worker_max_request_count=1 to see if that gets rid of the processes after they've handled the request.
Currently there's no way to avoid that, except if you switch from PAM to e.g. shadow. v2.0 stops idling processes after a minute (but there are a some other new long running processes, and also it looks like that idle-stopping isn't currently working for some reason).
IIRC both dovecot-auth processes are staying resident even with no clients connected.
Yes, only v2.0 has the idle-stopping feature.