I have just "inherited" a Solaris box and there are a couple of problems, I think I have worked out what they are but I have no idea how to fix.
Basically login is very slow (system performance is good though) and I have a program that writes its errors to the syslog, which has stopped working.
So I am pretty sure that it is a syslog thing, I believe that it was set up to record all the syslog entries to a central host (before I got it) and it is still trying to do that, but cant so login, etc are taking longer.
I have tried looking through the man pages but I cant see anything obvious in the config files. Any Ideas?
Log on to the box. Let's say that your user name is warrend. Do a "ps -fu warrend" and note the processes that are running. Next open another window and login again to the box. While it is stalled, do another "ps -fu warrend" and see what changed. We need the name of the program where the delay is taking place.
My guess is that you are stalling while checking the quotas of an nfs mounted filesystem.
Ok done that, there are no NFS mounts (but thought it would be interesting).
Logged in once, ran ps -fu warrend (am I that predictable?), showed my shell, then opened up anouther window and logged in (vai ssh) prompts for username, then wait...... (did the ps -fu a few times, just showed the one shell) more waiting..... prompts for password, then ran ps -fu again and showed two shells.
the only major thing that I have done is move it from one site to anouther, changing the IP address in the proccess [hence why it cant find the suspected loghost].
dump of the syslog.conf
bash-2.05$ cat syslog.conf
#ident "@(#)syslog.conf 1.4 96/10/11 SMI" /* SunOS 5.0 */
# Copyright (c) 1991-1993, by Sun Microsystems, Inc.
# syslog configuration file.
# This file is processed by m4 so be careful to quote (`') names
# that match m4 reserved words. Also, within ifdef's, arguments
# containing commas must be quoted.
# non-loghost machines will use the following lines to cause "user"
# log messages to be logged locally.
user.alert `root, operator'
When you login remotely, the login program can easily find your remote ip address. It then queries DNS to convert the ip address to a host name. It must do this while it is still root since the log files are only writable by root. Type "who", and I'll bet that your origin just shows up as an IP address. Now type "nslookup 126.96.36.199" or whatever the IP address actually is. I'll bet that command will stall too.
If my second theory is correct, you need to make sure that your reverse dns entry is in the dns server. And you need to make sure that /etc/resolv.conf has the ip addresses of the dns servers for your new location.