Date: Wed, 30 Jun 2010 14:14:54 +1000 (EST) From: Ian Smith <smithi@nimnet.asn.au> To: Dan Nelson <dnelson@allantgroup.com> Cc: "Rick C. Petty" <rick-freebsd2009@kiwi-computer.com>, Rick Macklem <rmacklem@uoguelph.ca>, freebsd-stable@freebsd.org, Adam Vande More <amvandemore@gmail.com> Subject: Re: Why is NFSv4 so slow? (root/toor) Message-ID: <20100630132444.G9227@sola.nimnet.asn.au> In-Reply-To: <20100629160647.GD50409@dan.emsphone.com> References: <20100627221607.GA31646@kay.kiwi-computer.com> <Pine.GSO.4.63.1006271949220.3233@muncher.cs.uoguelph.ca> <20100628031401.GA45282@kay.kiwi-computer.com> <Pine.GSO.4.63.1006280017190.2680@muncher.cs.uoguelph.ca> <20100628140054.GA52174@kay.kiwi-computer.com> <Pine.GSO.4.63.1006281950260.13834@muncher.cs.uoguelph.ca> <20100629134033.O9227@sola.nimnet.asn.au> <Pine.GSO.4.63.1006291054350.24800@muncher.cs.uoguelph.ca> <AANLkTimjDIQ4FRYAD3N_L1C1VermRX3S1PhvG5dSvz5A@mail.gmail.com> <20100629153252.GA71786@kay.kiwi-computer.com> <20100629160647.GD50409@dan.emsphone.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 29 Jun 2010, Dan Nelson wrote:
> In the last episode (Jun 29), Rick C. Petty said:
> > On Tue, Jun 29, 2010 at 10:20:57AM -0500, Adam Vande More wrote:
> > > On Tue, Jun 29, 2010 at 9:58 AM, Rick Macklem <rmacklem@uoguelph.ca> wrote:
> > >
> > > > I suppose if the FreeBSD world feels that "root" and "toor" must both
> > > > exist in the password database, then "nfsuserd" could be hacked to
> > > > handle the case of translating uid 0 to "root" without calling
> > > > getpwuid(). It seems ugly, but if deleting "toor" from the password
> > > > database upsets people, I can do that.
> > >
> > > I agree with Ian on this. I don't use toor either, but have seen people
> > > use it, and sometimes it will get recommended here for various reasons
> > > e.g. running a root account with a different default shell. It
> > > wouldn't bother me having to do this provided it was documented, but
> > > having to do so would be a POLA violation to many users I think.
> >
> > To be fair, I'm not sure this is even a problem. Rick M. only suggested
> > it as a possibility. I would think that getpwuid() would return the first
> > match which has always been root. At least that's what it does when
> > scanning the passwd file; I'm not sure about NIS. If someone can prove
> > that this will cause a problem with NFSv4, we could consider hackingit.
> > Otherwise I don't think we should change this behavior yet.
>
> If there are multiple users that map to the same userid, nscd on Linux will
> select one name at random and return it for getpwuid() calls. I haven't
> seen this behaviour on FreeBSD or Solaris, though. They always seem to
> return the first entry in the passwd file.
I wondered whether this might be a Linux thing. On my 7.2 system,
% find /usr/src -name "*.[ch]" -exec grep -Hw getpwuid {} \; > file
returns 195 lines, many in the form getpwuid(getuid()), in many base and
contrib components - including id(1), bind, sendmail etc - that could be
nondeterministic if getpwuid(0) ever returned other than root.
Just one mention of 'toor' in /usr/src/usr.sbin/makefs/compat/pwcache.c
Not claiming to know how the lookups in /usr/src/lib/libc/gen/getpwent.c
work under the hood, but this does seem likely a non-issue on FreeBSD.
cheers, Ian
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20100630132444.G9227>