[Samba] Samba 4 slow write
Jones Syue
jonessyue at qnap.com
Sun Apr 19 20:48:37 MDT 2015
Hello Ervin,
On Sat, Apr 18, 2015 at 5:01 PM, Ervin Hegedüs <airween at gmail.com> wrote:
>
> Why faster the Samba for users, who listed in "admin users" in
> smb.conf?
Hmm looks like earlier return for users with root permission,
so admin users would not go through SMB_VFS_GET_NT_ACL(),
which takes more time on permission checking.[1]
Non-admin users would go through SMB_VFS_GET_NT_ACL(),
and finally would reach getegid() and geteuid().[2]
Hence strace said the top 2 records are getegid() and geteuid().
[1] code snippet:
NTSTATUS smbd_check_access_rights(struct connection_struct *conn,
...
if (!use_privs && get_current_uid(conn) == (uid_t)0) {
/* I'm sorry sir, I didn't know you were root... */
DEBUG(10,("smbd_check_access_rights: root override "
"on %s. Granting 0x%x\n",
smb_fname_str_dbg(smb_fname),
(unsigned int)access_mask ));
return NT_STATUS_OK;
}
...
status = SMB_VFS_GET_NT_ACL(conn, smb_fname->base_name,
(SECINFO_OWNER |
SECINFO_GROUP |
SECINFO_DACL), talloc_tos(), &sd);
[2] perf top call graph:
1.49% libc-2.6.1.so [.] __geteuid
|
--- __geteuid
uwrap_geteuid
assert_uid
set_unix_security_ctx
set_sec_ctx
set_root_sec_ctx
smbd_become_root
legacy_gid_to_sid
gid_to_sid
create_file_sids
posix_get_nt_acl_common
posix_get_nt_acl
vfswrap_get_nt_acl
smb_vfs_call_get_nt_acl
smbd_check_access_rights
1.22% libc-2.6.1.so [.] __getegid
|
--- __getegid
uwrap_getegid
assert_gid
set_unix_security_ctx
set_sec_ctx
set_root_sec_ctx
smbd_become_root
become_root
pdb_default_uid_to_sid
pdb_uid_to_sid
legacy_uid_to_sid
uid_to_sid
create_file_sids
posix_get_nt_acl_common
posix_get_nt_acl
vfswrap_get_nt_acl
smb_vfs_call_get_nt_acl
smbd_check_access_rights
--
Regards,
Jones Syue | 薛懷宗
*QNAP* Systems,Inc. <http://www.qnap.com/>
More information about the samba
mailing list