Samba4 high cpu load

steve steve at steve-ss.com
Sat May 12 16:45:43 MDT 2012 

On 05/13/2012 12:37 AM, Günter Kukkukk wrote:
> On Saturday, 12. May 2012 23:38:24 steve wrote:
>> On 05/09/2012 10:29 AM, Michael Wood wrote:
>>> Hi
>>>
>>> On 9 May 2012 10:21, steve<steve at steve-ss.com>   wrote:
>>>> On 09/05/12 04:02, Günter Kukkukk wrote:
>>> [...]
>>>
>>>>> i've contacted one of the gnutls developers (Nikos Mavrogiannopoulos).
>>>>> He told me that when generating the Diffie-Hellman key, some (3.x.x)
>>>>> versions used a very slow algorithm.
>>>>> He recommends to use gnutls>= 3.0.9
>>>>>
>>>>> Opensuse 12.1 uses gnutls 3.0.3 atm.
>>>>>
>>>>> So i did a recent gnutls-3.0.19 build.
>>>>>
>>>>> With gnutls 3.0.19
>>>>>
>>>>>      time certtool --generate-dh-params --bits 1024
>>>>>
>>>>> is now down to 1 - 2 seconds, compared to 3 - 5 minutes (!!!)
>>>>> with former version 3.0.3 (from opensuse 12.1)
>>>>>
>>>>> Will contact the opensuse maintainers.
>>>>>
>>>>> Cheers, Günter
>>>> Thanks again.
>>>>
>>>> Just compiled 3.0.19 on 12.1. Went OK after I installed libnettle;-) I
>>>> have now removed the workaround from smb.conf:
>>>> #       tls enabled = No
>>>> Can confirm the quick startup. 1 second as opposed to 5 minutes!
>>>>
>>>> I'm a little confused as when I went to uninstall 3.0.3 using Yast, I
>>>> saw only libgnutls28-3.0.3 and libgnutls-devel-3.0.3 were installed.
>>>> libgnutls28 had over 100 dependants so I left that installed and
>>>> removed only the devel package. gnutls-3.0.3 was not installed. Is that
>>>> OK?
>> Hi Günter
>>
>> Would you mind If I posted to the openSUSE list quoting this thread so that
>> we can get the latest gnutls in the forthcoming 12.2 release?
>>
>> Cheers,
>> Steve
> I had contacted Lars via email and also had a short irc talk with him.
> He opened this bug report
>      https://bugzilla.novell.com/show_bug.cgi?id=761987
>
> Cheers, Günter
Hi
That's great. I think that should get us a decent version soon. I think 
many openSUSE users would be discouraged from having a go at S4 because 
of this. It's ironic that earlier versions of gnutls that ship with more 
recent distro verions of eg Ubuntu 12.4 LTS work fine.
Cheers,
Steve

More information about the samba-technical mailing list