Why is NFSv4 so slow? (root/toor)

Ian Smith smithi at nimnet.asn.au
Wed Jun 30 04:15:12 UTC 2010 

On Tue, 29 Jun 2010, Dan Nelson wrote:
 > In the last episode (Jun 29), Rick C. Petty said:
 > > On Tue, Jun 29, 2010 at 10:20:57AM -0500, Adam Vande More wrote:
 > > > On Tue, Jun 29, 2010 at 9:58 AM, Rick Macklem <rmacklem at uoguelph.ca> wrote:
 > > > 
 > > > > I suppose if the FreeBSD world feels that "root" and "toor" must both
 > > > > exist in the password database, then "nfsuserd" could be hacked to
 > > > > handle the case of translating uid 0 to "root" without calling
 > > > > getpwuid().  It seems ugly, but if deleting "toor" from the password
 > > > > database upsets people, I can do that.
 > > > 
 > > > I agree with Ian on this.  I don't use toor either, but have seen people
 > > > use it, and sometimes it will get recommended here for various reasons
 > > > e.g.  running a root account with a different default shell.  It
 > > > wouldn't bother me having to do this provided it was documented, but
 > > > having to do so would be a POLA violation to many users I think.
 > > 
 > > To be fair, I'm not sure this is even a problem.  Rick M. only suggested
 > > it as a possibility.  I would think that getpwuid() would return the first
 > > match which has always been root.  At least that's what it does when
 > > scanning the passwd file; I'm not sure about NIS.  If someone can prove
 > > that this will cause a problem with NFSv4, we could consider hackingit. 
 > > Otherwise I don't think we should change this behavior yet.
 > 
 > If there are multiple users that map to the same userid, nscd on Linux will
 > select one name at random and return it for getpwuid() calls.  I haven't
 > seen this behaviour on FreeBSD or Solaris, though.  They always seem to
 > return the first entry in the passwd file.

I wondered whether this might be a Linux thing.  On my 7.2 system,

% find /usr/src -name "*.[ch]" -exec grep -Hw getpwuid {} \; > file

returns 195 lines, many in the form getpwuid(getuid()), in many base and 
contrib components - including id(1), bind, sendmail etc - that could be 
nondeterministic if getpwuid(0) ever returned other than root.

Just one mention of 'toor' in /usr/src/usr.sbin/makefs/compat/pwcache.c

Not claiming to know how the lookups in /usr/src/lib/libc/gen/getpwent.c 
work under the hood, but this does seem likely a non-issue on FreeBSD.

cheers, Ian

More information about the freebsd-stable mailing list