Package: man-db Version: 2.9.4-2 Severity: normal Tags: upstream Hi Colin,
I've noticed that during upgrades to bullseye, the man-db trigger now seems to take a very long time; in fact, it frequently seems to be a significant time of the total time of the full-upgrade (depending, of course, on network speeds). After digging a bit, I think I've figured out why I haven't seen this before; it's become a _lot_ slower recently, so it wasn't on the radar before. It seems that due to a combination of the architecture chosen for these operations (a pipeline system, seemingly forking off subprocesses and running lots of syscalls in the process) and a new sandbox model (based on seccomp, which needs a lot of setup for each new subprocess and adds considerable overhead to each syscall), most of the total time is now spent in pure setup overhead. As an example, a complete mandb run (mandb -c) on my laptop takes 3 minutes and 39 seconds. (Of course, the man-db trigger is incremental, but on a full-upgrade, many man pages are likely to be updated.) If I set MAN_DISABLE_SECCOMP=1, it drops to 1:41. If I recompile without HAVE_LIBSECCOMP, it's down to 51 seconds! I still honestly think this is slower than it should be for decompressing and indexing 144 MB of data, but it means that the sandboxing has 329% overhead on a modern kernel (5.15.0-2-amd64). I don't honestly know what this database is for, but my guess is that it is for the apropos command, which seems rare. (At least nothing obviously bad happens to my man usage if I “rm -r /var/cache/man/*”, but apropos stops working.) Is it possible to either speed up man-db so that it takes less time to build its database, or otherwise perhaps split apropos out into a separate not-installed-by-default package, so that normal installations do not need to take this installation hit? Or maybe move man-db updating to cron? -- System Information: Debian Release: 11.2 APT prefers stable-security APT policy: (500, 'stable-security'), (500, 'stable-debug'), (500, 'proposed-updates'), (500, 'oldoldstable'), (500, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.14.0 (SMP w/40 CPU threads) Locale: LANG=en_DK.UTF-8, LC_CTYPE=en_DK.UTF-8 (charmap=UTF-8), LANGUAGE=en_NO:en_US:en_GB:en Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages man-db depends on: ii bsdextrautils 2.36.1-8 ii bsdmainutils 12.1.7+nmu3 ii debconf [debconf-2.0] 1.5.77 ii dpkg 1.20.9 ii groff-base 1.22.4-6 ii libc6 2.31-13+deb11u2 ii libgdbm6 1.19-2 ii libpipeline1 1.5.3-1 ii libseccomp2 2.5.1-1+deb11u1 ii zlib1g 1:1.2.11.dfsg-2 man-db recommends no packages. Versions of packages man-db suggests: ii apparmor 2.13.6-10 ii chromium [www-browser] 90.0.4430.212-1 ii firefox-esr [www-browser] 91.4.1esr-1~deb11u1 pn groff <none> ii less 551-2 ii lynx [www-browser] 2.9.0dev.6-3~deb11u1 ii w3m [www-browser] 0.5.3+git20210102-6 -- debconf-show failed