
pam_pwdb slowdown



Once upon a time, Oreste Dimaggio wrote:
>At 21.24 26/08/98 -0500, you wrote:
>>Tried that.  My slowdown is definitely the auth module.  Look at my
>>example below - if I change just the auth line from pwdb to unix_auth,
>>all the slowdowns (at least for su) disappear.  I tried tracing it at
>>one time, and it looked like the pwdb module read through both the
>>passwd and shadow files more than once.
>
>How have you traced this?

I set up a script that did an strace on in.telnetd and pointed inetd to
it for incoming telnet connections.  After stripping out the bash
related stuff, I ended up with /etc/passwd being read 5 times and
/etc/shadow being read 3 times.  Here is a grep of the opens (starting
with the first open of /etc/passwd) from the "login" process:

open("/etc/passwd", O_RDONLY)     = 3
open("/etc/pwdb.conf", O_RDONLY)  = 3
open("/etc/passwd", O_RDONLY)     = 3
open("/etc/shadow", O_RDONLY)     = 3
open("/etc/passwd", O_RDONLY)     = 3
open("/etc/shadow", O_RDONLY)     = 3
open("/etc/nologin", O_RDONLY)    = -1 ENOENT (No such file or directory)
open("/etc/pwdb.conf", O_RDONLY)  = 3
open("/etc/passwd", O_RDONLY)     = 3
open("/etc/shadow", O_RDONLY)     = 3
open("/etc/passwd", O_RDONLY)     = 3
open("/etc/group", O_RDONLY)      = 3
open("/etc/pwdb.conf", O_RDONLY)  = 3
open("/etc/pwdb.conf", O_RDONLY)  = 3
open("/dev", O_RDONLY|O_NONBLOCK) = 3
open("/var/run/utmp", O_RDWR)     = 3
open("/etc/localtime", O_RDONLY)  = 3
open("/var/run/utmp", O_RDWR)     = 3
open("/etc/wtmplock", O_WRONLY|O_CREAT, 0660) = 3
open("/var/log/wtmp", O_WRONLY|O_APPEND) = 4
open("/var/log/lastlog", O_RDWR)  = 3
open("/etc/group", O_RDONLY)      = 3
open("/etc/motd", O_RDONLY)       = 4
open("/etc/pwdb.conf", O_RDONLY)  = 4

pwdb.conf and passwd are opened five times each, and shadow three times.
I have not had time beyond that to trace the code and see what is
happening, but it looks like every time pam_pwdb.so is referenced, it
reopens /etc/passwd and scans it (with a slow parse routine).

The /etc/pam.d/login file looks like:

auth       required     /lib/security/pam_securetty.so
auth       required     /lib/security/pam_pwdb.so shadow nullok
auth       required     /lib/security/pam_nologin.so
account    required     /lib/security/pam_pwdb.so
password   required     /lib/security/pam_cracklib.so
password   required     /lib/security/pam_pwdb.so shadow nullok use_authtok
session    required     /lib/security/pam_pwdb.so

Nothing special there.
-- 
Chris Adams - cadams@ro.com
System Administrator - Renaissance Internet Services
I don't speak for anybody but myself - that's enough trouble.
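
A way to tally the opens in a trace like the one in the message above instead of counting by eye. This is an added example, not part of the original message; the sample lines are constructed, and the function names and watched-file list are assumptions.

```python
import re
from collections import Counter

# open()/openat() lines as strace prints them, with an optional
# "[pid N]" or bare-pid prefix that appears when strace follows forks (-f).
OPEN_RE = re.compile(
    r'^(?:\[pid\s+\d+\]\s+|\d+\s+)?'
    r'open(?:at)?\((?:[^,"]+,\s*)?"(?P<path>[^"]*)",\s*(?P<flags>[^,)]+)'
    r'(?:,\s*[0-7]+)?\)\s*=\s*(?P<ret>-?\d+)'
)

# Assumed list of account databases worth watching for repeated scans.
WATCHED = ("/etc/passwd", "/etc/shadow", "/etc/pwdb.conf", "/etc/group")

# Constructed sample in the same shape as the trace in the message.
SAMPLE = '''\
open("/etc/passwd", O_RDONLY)     = 3
open("/etc/pwdb.conf", O_RDONLY)  = 3
open("/etc/passwd", O_RDONLY)     = 3
open("/etc/shadow", O_RDONLY)     = 3
open("/etc/shadow", O_RDONLY)     = 3
open("/etc/nologin", O_RDONLY)    = -1 ENOENT (No such file or directory)
[pid  4242] openat(AT_FDCWD, "/etc/passwd", O_RDONLY|O_CLOEXEC) = 3
open("/etc/wtmplock", O_WRONLY|O_CREAT, 0660) = 3
read(3, "root:x:0:0", 4096) = 10
'''.splitlines()

def count_opens(lines):
    """Return (successful, failed) Counters of opened paths."""
    ok, failed = Counter(), Counter()
    for line in lines:
        m = OPEN_RE.match(line.strip())
        if not m:
            continue  # not an open/openat call
        (ok if int(m["ret"]) >= 0 else failed)[m["path"]] += 1
    return ok, failed

def repeated_reads(ok, watched=WATCHED, threshold=1):
    """Watched files opened more than `threshold` times, most frequent first."""
    return [(p, n) for p, n in ok.most_common() if p in watched and n > threshold]

if __name__ == "__main__":
    ok, failed = count_opens(SAMPLE)
    for path, n in repeated_reads(ok):
        print(f"{n:3d}  {path}")
    for path, n in failed.items():
        print(f"failed x{n}: {path}")
```

Failed opens are counted separately so that a probe such as the `/etc/nologin` check does not inflate the totals for files that were actually read.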


