I have a feature request or bug fix as I see it.
We use LDAP for NSS/PAM and we have about 50,000 user accounts and 50,000
groups. Each user has a group. I have noticed that our LDAP servers were
having some performance problems from time to time. I narrowed it down to
openpkg causing severe LDAP lookups during cron routines and other types of
openpkg commands.
I found the following three shell scripts calling getent in a horribly
inefficient way. Basically causing a complete dump of the password and
group file for certain operations.
/usr/local/etc/openpkg/rpmmacros
Several lines like this:
%l_suid %((getent passwd; cat /etc/passwd; ypcat passwd;
nidump passwd .) 2>/dev/null | grep "^ %{l_susr}:" | sed -e 'q' |
awk -F: '{ print $3; }')
/usr/local/lib/openpkg/shtool
This one as the following:
groupname=`(getent group) 2>/dev/null | \
grep "^[^:]*:[^:]*:${groupid}:" | \
sed -e 's/:.*$//'`
/usr/local/libexec/openpkg-tools/dev.sh
This one has the following:
realname=`(getent passwd; cat /etc/passwd; ypcat passwd; nidump passwd .)
2>/dev/null |\
grep "^${username}:" | awk -F: '{ print $5; }'`
Ideally these would have something like:
getent passwd ${username} ; grep ^${username} /etc/passwd; ypmatch
${username} passwd; nidump passwd
I am sure NIS+ has a similar command, but I don't use it.
I see that this has been done is a few of the scripts, but those there seem
to still have problems. Anyhow, that would certainly make things way more
efficient.
Thanks,
Mark Keller
______________________________________________________________________
The OpenPKG Project www.openpkg.org
Developer Communication List openpkg-dev@openpkg.org
