Mail Archives: cygwin/2014/02/26/08:52:44

delorie.com/archives/browse.cgi

search

Mail Archives: cygwin/2014/02/26/08:52:44

X-Recipient: archive-cygwin AT delorie DOT com

DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id

:list-unsubscribe:list-subscribe:list-archive:list-post

:list-help:sender:date:from:to:subject:message-id:reply-to

:references:mime-version:content-type:in-reply-to; q=dns; s=

default; b=x771JkW5cpJIa87KcT45R0i7SQWi+4De/2vNv3XQ8SbTDqYa3Z9aM

yYLqhIrW/Jphw4sU70Wx7YqKMK/6p1F5GZcYfemsAhBCdI6bGQsNB0bK9GY54GLy

1X1HGpH8AuybuBT++0zxmBvZlihMeTy14TiCL+Z0mP30t3ZsPRzikI=

DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id

:list-unsubscribe:list-subscribe:list-archive:list-post

:list-help:sender:date:from:to:subject:message-id:reply-to

:references:mime-version:content-type:in-reply-to; s=default;

bh=wMkgDan2u1qMHP0o+6nrl8P3sJg=; b=Dm2AvKi46WM/N80ktJpqm+PkYCxf

Xu4J4K1MLustKQmCkbnwKvqRpkhbfj+cW+IKiPZgA7BNDFJBy8rN3Fkhl55jcY8w

g/NRtxDnsQPtFxD+9xBzEzr3NF0/gli40/FeboWvvefeC8hjLAjnoV7hbFpm19MB

sB+q+RJfE/VlJAE=

Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm

List-Id: <cygwin.cygwin.com>

List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>

List-Archive: <http://sourceware.org/ml/cygwin/>

List-Post: <mailto:cygwin AT cygwin DOT com>

List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>

Sender: cygwin-owner AT cygwin DOT com

Mail-Followup-To: cygwin AT cygwin DOT com

Delivered-To: mailing list cygwin AT cygwin DOT com

Authentication-Results: sourceware.org; auth=none

X-Virus-Found: No

X-Spam-SWARE-Status: No, score=-0.9 required=5.0 tests=AWL,BAYES_00,SPAM_BODY1 autolearn=no version=3.3.2

X-HELO: calimero.vinschen.de

Date: Wed, 26 Feb 2014 14:52:22 +0100

From: Corinna Vinschen <corinna-cygwin AT cygwin DOT com>

To: cygwin AT cygwin DOT com

Subject: Re: Testers needed: New passwd/group handling in Cygwin

Message-ID: <20140226135222.GW2246@calimero.vinschen.de>

Reply-To: cygwin AT cygwin DOT com

Mail-Followup-To: cygwin AT cygwin DOT com

References: <20140213143849 DOT GH2246 AT calimero DOT vinschen DOT de> <87fvn7cb68 DOT fsf AT Rainer DOT invalid> <20140225200414 DOT GA4238 AT calimero DOT vinschen DOT de> <87y50zaqjb DOT fsf AT Rainer DOT invalid> <20140225215423 DOT GA6065 AT calimero DOT vinschen DOT de> <loom DOT 20140226T085959-119 AT post DOT gmane DOT org> <20140226100209 DOT GR2246 AT calimero DOT vinschen DOT de>

MIME-Version: 1.0

In-Reply-To: <20140226100209.GR2246@calimero.vinschen.de>

User-Agent: Mutt/1.5.21 (2010-09-15)

--GspEFBcBBJcorakq
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Feb 26 11:02, Corinna Vinschen wrote:
> On Feb 26 08:09, Achim Gratz wrote:
> > > Sorry, I don't grok this.  What has a web application server to do wi=
th
> > > asking a DC for user info?
> >=20
> > We have one of these that does a lot of DC lookups because it authentic=
ates
> > all users.  It's also in a much faster network, so I can check there wh=
at
> > the lookup rate could be reasonably expected to be.
> >=20
> > > Erm... how often are you calling id, usually?
> >=20
> > I'm currently doing this in the login process to figure out whether the
> > prompt should show "root" powers.  I'll have to figure out something el=
se to
> > do instead.
>=20
> No, you don't.  I'm actually doing the same.  Let's keep up with this
> and try to make Cygwin faster in the first place.

I just created 400 groups in AD, and added myself as member.  An `id' on
a 32 bit Windows 7 domain member machine in my tiny network consisting
only of a handful of Windows VMs and with me as the only real user takes
about 3.6 secs with the latest code from CVS, using a non-optimzed
Cygwin DLL.

> > > Also, we're in the early
> > > stages of testing this change.  The idea is not that you just switch,
> > > the idea is that we *test* this and I get enough feedback to be able =
to
> > > ease the biggest pains.
> >=20
> > Understood.  Until now I had to generate passwd and group files and I w=
as
> > hoping that the need for doing that would go away (I'd also need to tal=
k to
> > our AD folks so they start populating the correct fields).
>=20
> Yup.  Feedback from AD admins is greatly appreciated.
>=20
> > > Other than that, I just had an in-shower inspiration how to speed up
> > > `id' specificially.  The getgroups(2) call is in the center of this a=
nd
> > > I could probably speed up the stuiff a lot by opening the LDAP
> > > connection in getgroups only once.=20
> >=20
> > Thursday?  :-)
>=20
> Hmm, probably.

With this patch applied, the aforementioned `id' now takes about 1.9
secs, in an otherwise identical scenario.

> > > Also, more radically, if we drop the functionality to define another
> > > group name for a group, we could drop the requirement to open an LDAP
> > > connection to fetch group information to the DC entirely(*).  This wo=
uld
> > > only affect domain groups, local groups could still have different
> > > names.  But I'm already wondering for a couple of days if having a
> > > Cygwin group name different from the Windows group name is really
> > > necessary at all.  I added this years ago for fun, but there's no
> > > serious reason I can think of which would require to keep up with thi=
s.
> > >=20
> > > (*) Assuming the group info is cached in the local LSA, which is
> > >     pretty likely for the groups of the current user.
> >=20
> > That would also work for me (I don't think I've ever used that feature
> > consciously).

With this patch applied as well, `id' now takes constantly 0.4 secs.

Note that this speedup is only possible when fetching lots of group
account information.  For user accounts we still need the info from AD,
but apart from the getpwent functionality, which can be restricted via
the db_enum setting in /etc/nsswitch.conf, there's not very often a good
reason to fetch information for hundreds of user accounts.

Anyway, if I send you the link to two DLLs with these patches, would you
mind to test their speed in your environment?


Thanks,
Corinna

--=20
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

--GspEFBcBBJcorakq
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJTDfGWAAoJEPU2Bp2uRE+g/a8QAJ0iaDGFitf/PeHmutX6dcSK
OqJ4+a9OB2WjVRZ1C70YulnuKAhaxbv9QP7q4vV3NWTdLCGvNat3z3iaggzB42ky
9WOBNrvclkpddwOkQGDHMjIJjVKPf3xiV50v5gyZjW5THe3E8E6mFX0EwoOKLTLp
k9uHs4Ttfok1uZ1tj4oe24ZXeFzVBYPnlvZ1RvRkSeQKUyubn8FoaSMdgWzFEy9I
ppheBNFKjYtJzEhfizcQ4/V4obM8jS23bqVSGL6SAj9gtOyr99R/c8Jcxd9DFO+H
3yGKX6BO1i4lLlwTU9J8fv3HAIPhwWmOUM13mGNez6BAHeQ0IPKB9OcFUX6GT3dV
DaIlD/uxZRFmlnMIMQgvSOE8ycIhW313yFBxyzTHjheEuThYaZ/jP5Azf9qLSvhs
6isTtVDThn7HHI98rjslmkLzEo7bO+ZSLY1Z68FM4LPP7ASOePEZ5PTODrHcbPWg
HZJkgRxnLG4d0fCMv3wJXf66rwLDgfjRmBmORDlXnouj82a5lOJthqoJ2TaLXtNj
tSqFaVaEjmuiRgSLRLJDF1G6SIum5h2yhAKcleJ7Z6OGig/lRW6eI83uXrUvSNW2
G3NsQuF6wRgwxA1+2S+uPQkSXSN/wQBr+8OGqNIrxkFJkolaka+uz/tX5v/BdhZv
ms7IhALFEUH6ubIRVQP8
=rTmb
-----END PGP SIGNATURE-----

--GspEFBcBBJcorakq--

- Raw text -

webmaster	delorie software privacy
Copyright © 2019 by DJ Delorie	Updated Jul 2019

X-Recipient:	archive-cygwin AT delorie DOT com
DomainKey-Signature:	a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:date:from:to:subject:message-id:reply-to
	:references:mime-version:content-type:in-reply-to; q=dns; s=
	default; b=x771JkW5cpJIa87KcT45R0i7SQWi+4De/2vNv3XQ8SbTDqYa3Z9aM
	yYLqhIrW/Jphw4sU70Wx7YqKMK/6p1F5GZcYfemsAhBCdI6bGQsNB0bK9GY54GLy
	1X1HGpH8AuybuBT++0zxmBvZlihMeTy14TiCL+Z0mP30t3ZsPRzikI=
DKIM-Signature:	v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:date:from:to:subject:message-id:reply-to
	:references:mime-version:content-type:in-reply-to; s=default;
	bh=wMkgDan2u1qMHP0o+6nrl8P3sJg=; b=Dm2AvKi46WM/N80ktJpqm+PkYCxf
	Xu4J4K1MLustKQmCkbnwKvqRpkhbfj+cW+IKiPZgA7BNDFJBy8rN3Fkhl55jcY8w
	g/NRtxDnsQPtFxD+9xBzEzr3NF0/gli40/FeboWvvefeC8hjLAjnoV7hbFpm19MB
	sB+q+RJfE/VlJAE=
Mailing-List:	contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id:	<cygwin.cygwin.com>
List-Subscribe:	<mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive:	<http://sourceware.org/ml/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender:	cygwin-owner AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
Delivered-To:	mailing list cygwin AT cygwin DOT com
Authentication-Results:	sourceware.org; auth=none
X-Virus-Found:	No
X-Spam-SWARE-Status:	No, score=-0.9 required=5.0 tests=AWL,BAYES_00,SPAM_BODY1 autolearn=no version=3.3.2
X-HELO:	calimero.vinschen.de
Date:	Wed, 26 Feb 2014 14:52:22 +0100
From:	Corinna Vinschen <corinna-cygwin AT cygwin DOT com>
To:	cygwin AT cygwin DOT com
Subject:	Re: Testers needed: New passwd/group handling in Cygwin
Message-ID:	<20140226135222.GW2246@calimero.vinschen.de>
Reply-To:	cygwin AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
References:	<20140213143849 DOT GH2246 AT calimero DOT vinschen DOT de> <87fvn7cb68 DOT fsf AT Rainer DOT invalid> <20140225200414 DOT GA4238 AT calimero DOT vinschen DOT de> <87y50zaqjb DOT fsf AT Rainer DOT invalid> <20140225215423 DOT GA6065 AT calimero DOT vinschen DOT de> <loom DOT 20140226T085959-119 AT post DOT gmane DOT org> <20140226100209 DOT GR2246 AT calimero DOT vinschen DOT de>
MIME-Version:	1.0
In-Reply-To:	<20140226100209.GR2246@calimero.vinschen.de>
User-Agent:	Mutt/1.5.21 (2010-09-15)