Samba smaller: 11.1mb smbd

Andrew Bartlett abartlet at samba.org
Fri Nov 15 01:34:16 UTC 2019


For some reason I had another go at this, and have things down to
11.1MB.

This is NOT FOR PRODUCTION USE, because I have to cut out some
important things, but the idea is to prove that by reducing the linkage
to the ndr-table subsystem, we can avoid bringing in unused code to eg
parse drsuapi.

Anyone wanting to take this further will need to work out how to get
the appropriate interface tables for the specific pipes we need to use
internally.  It would also be very worthwhile working to understand why
we depend on what is left, and seeing if we can trim that some more. 

I used:

CFLAGS="-DSAMBA_SMALLER -O2 -flto -fwhole-program " LDFLAGS="-O2 -flto
-fwhole-program " ./configure --bundled-
libraries=talloc,tdb,pytdb,ldb,pyldb,tevent,pytevent --with-static-
modules=ALL --nonshared-binary=smbtorture,smbd/smbd --with-system-
mitkrb5 --without-ad-dc --without-ads --without-python &&
./buildtools/bin/waf --targets=smbd/smbd

Andrew Bartlett

On Mon, 2017-01-30 at 23:51 +1300, Andrew Bartlett wrote:
> Thinking about the 'without python' use case and the cries from folks
> for a smaller smbd, I tried some gcc options.
> 
> (original)
> du -m bin/default/source3/smbd/smbd
> 19	bin/default/source3/smbd/smbd
> 
> (new)
> du -m bin/default/source3/smbd/smbd
> 13	bin/default/source3/smbd/smbd
> 
> The options I set were:
> 
> CFLAGS="-O2 -flto -fwhole-program " LDFLAGS="-O2 -flto -fwhole-
> program "
> 
> The rest of the command remains the same:
> 
>  ./configure --bundled-
> libraries=talloc,tdb,pytdb,ldb,pyldb,tevent,pytevent --with-static-
> modules=ALL --nonshared-binary=smbtorture,smbd/smbd --with-system-
> mitkrb5 --without-ad-dc && make -j
> 
> Now, the build fails, but not before spitting out the smaller smbd.
> 
> 
> I don't claim it even works (I just tried smbd -b and smbd -V), but I
> figured those who are passionate about this stuff won't be too far
> behind.  A tweak to waf to only specify "-flto -fwhole-program" when
> building and linking the non-shared binaries would help a lot. 
> 
> The next step would be a bare fileserver build without spoolss,
> netlogon and any other pipes we don't strictly need, as the PIDL
> generated code from the extra idl is probably a fair chunk of what we
> removed and what we still could eliminate.
> 
> To make this build, I needed the attached patch (please review/push)
> to
> not initialise vfs_posix_eadb without the AD DC.
> 
> Thanks,
> 
> Andrew Bartlett
> 
-- 
Andrew Bartlett
https://samba.org/~abartlet/
Authentication Developer, Samba Team         https://samba.org
Samba Development and Support, Catalyst IT   
https://catalyst.net.nz/services/samba




-------------- next part --------------
A non-text attachment was scrubbed...
Name: making-samba-small-again.patch
Type: text/x-patch
Size: 11987 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20191115/b00fa33a/making-samba-small-again.bin>


More information about the samba-technical mailing list