If you have a lot of groups or very large groups, cyrus-imapd login can become

quite slow due to the way cyrus-imapd handles groups. This may become worse

when using nss_ldap or other slow nss backends to resolve groups.

Caching using nscd can increase speed dramatically but unfortunately not for

all functions cyrus-imapd uses. nscd helps speeding up getgrnam() calls but not

getgrent() calls, which are used by cyrus-imapd to get a complete list of all

groups available.

The groupfile patch implements a quick fix to the problem by using a separate

group.cache file to speed up those operations using getgrent() calls.

Calls to getgrnam() are not touched which means that the group.cache

file must be kept in sync with the group source you are using with nss

configured in /etc/nsswitch.conf. If group.cache doesn't exist,

the patch has no effect and cyrus-imapd handles groups through getgrent().

Quick HOWTO:

- configure group lookup in /etc/nsswitch.conf if not already done

- configure name service cache in /etc/nscd.conf               (not mandatory)

- start nscd with "service nscd start"                         (not mandatory)

- configure a service which periodically updates the group.cache file using the

  upd_groupcache script. Either set up a cronjob or use a event in the cyrus

  configuration.

Sample /etc/cyrus.conf event to update the group cache every 10 minutes:

EVENTS {

  # some events removed here ***

  ...........................***

  # this is only necessary if using group cache feature

  groupcache    cmd="upd_groupcache" period=10

}