[Freeipa-devel] [PATCH 0065] vault: Limit size of data stored in vault
Petr Vobornik
pvoborni at redhat.com
Wed Aug 26 14:15:28 UTC 2015
On 08/26/2015 03:56 PM, David Kupka wrote:
> On 26/08/15 15:45, Petr Vobornik wrote:
>> On 08/26/2015 02:13 PM, David Kupka wrote:
>>> https://fedorahosted.org/freeipa/ticket/5231
>>>
>>>
>>
>> Attaching updated patch. With changes discussed offline.
>
> Changes works for me, ACK.
(with the changes it is also ACK from me)
Pushed to:
master: 02ab34c60b5e624ef0653a473316633a5618b07c
ipa-4-2: 9fc82bc66992eaa5daeed80e366e10986a8583d8
>
>>
>> Not related to the patch:
>> This patch limits the size to 1MB instead of proposed 10MB. Testing
>> showed that even 10MB raises a MemoryError in archive_encrypted_data
>> which is AFAIK a KraClient method - Endi, this sounds as something which
>> should be also handled in PKI.
>>
>> Especially when it happens the subsequent vault-archive command ends
>> with HTTPError: 503 Server Error: Service Unavailable. After restart of
>> pki, subsequent vault-archive with 1M file took about 4mins (in
>> vault_retrieve_internal). Next archive command with 1M file took "only"
>> 18s.
>>
>> 10k file took 9s.
>>
>> Why is it so slow?
>
>
--
Petr Vobornik
More information about the Freeipa-devel
mailing list