One way to solve slow logins with NT-domains
Jeremy Allison
jallison at cthulhu.engr.sgi.com
Thu May 6 17:41:17 GMT 1999
Jani Jaakkola wrote:
>
> When i was experimenting with the NT-domain code, it turned out to be too
> slow for our environment. We have 2300 users in our /etc/passwd and 200
> groups in our /etc/group. It turned out that samba does hundreds of
> getpwnam() and getpwuid() calls when someone logins to domain, which will
> take time, since Linux glibc-2.0 C-library doesn't have any caching
> for passwords and our passwd file is 160K in size.
>
> So I wrote a simple cache wrapper around sambas getpwnam() and getpwuid()
> calls. The cache is built the first time when either of them is called and
> is kept around for 15 seconds, after which it will be rebuilt.
>
> Oh yes.. If you happen to have multiple user names sharing the same uid or
> multiple uids sharing the same user name, the cache will return the last
> one in /etc/passwd instead of the first one. If you think this is a
> promlem, it can be easily fixed.
>
> I'm including the patch in this email. It is agains the current CVS
> version (well, current version at least an hour ago).
> I hope no one will get upset, since it is 355 lines. It isn't tested very
> throughly (i just got it ready an hour ago). Anyway, I can log on to NT
> domain in 1 second instead of 15-20 seconds and I won't get the annoying
> slow network dialog :)
I *love* Open Source :-).
This was a bunch of code that I knew I was going to have to write
and now I don't :-).
A couple of comments.
Firstly, a slightly nicer way to do this would be to
change the calls to wrappers around all the
getpwxxx functions.
eg. getpwnam -> sys_getpwnam
Check lib/system.c for details. We can then replace
all getpwxxx calls to go through the wrappers and
get a more coherent view into the users hash table.
Secondly we should add a hash by uid as well and allow
lookups on both name and uid. Getting fancy we should
also store this table in either a file or shared
memory and allow it to be shared across smbd's.
Great first hack though !
Thanks,
Jeremy Allison,
Samba Team.
--
--------------------------------------------------------
Buying an operating system without source is like buying
a self-assembly Space Shuttle with no instructions.
--------------------------------------------------------
More information about the samba-technical
mailing list