From owner-freebsd-stable@FreeBSD.ORG Mon Apr 25 17:00:25 2005 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1F64316A4CE for ; Mon, 25 Apr 2005 17:00:25 +0000 (GMT) Received: from dan.emsphone.com (dan.emsphone.com [199.67.51.101]) by mx1.FreeBSD.org (Postfix) with ESMTP id B0E0A43D64 for ; Mon, 25 Apr 2005 17:00:24 +0000 (GMT) (envelope-from dan@dan.emsphone.com) Received: (from dan@localhost) by dan.emsphone.com (8.13.1/8.13.3) id j3PH0OkV096271 for freebsd-stable@freebsd.org; Mon, 25 Apr 2005 12:00:24 -0500 (CDT) (envelope-from dan) Date: Mon, 25 Apr 2005 12:00:23 -0500 From: Dan Nelson To: freebsd-stable@freebsd.org Message-ID: <20050425170023.GB53806@dan.emsphone.com> References: <20050425105919.GA95908@e-Gitt.NET> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20050425105919.GA95908@e-Gitt.NET> X-OS: FreeBSD 5.4-STABLE X-message-flag: Outlook Error User-Agent: Mutt/1.5.8i Subject: Re: nss_ldap / top startup X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 25 Apr 2005 17:00:25 -0000 In the last episode (Apr 25), Oliver Brandmueller said: > I have some servers running running on 5.4-STABLE as of Apr 5th. I > use nss_ldap for a userbase of currently about 24000 accounts (will > be growing to approx 60000 in the next weeks). I don't use pam_ldap > currently, because users only need to login by IMAP, POP, SMTP and > FTP, for all of these services daemons are used which natively auth > against the LDAP server. > > The more accounts there are in the LDAP directory, the longer the > startup of "top" takes. With the current userbase top takes about 3-4 > seconds to start (on a mostly idle Dual Xeon 2.8GHz with fast disks > and local slapd). > > The startup time is not any different, sometimes I feel (did not try > to measure) it's even longer, if I use "top -u" to not map uids. The > running processes are only from a few uids, all the LDAP users > usually don't have processes running under thier IDs. You can benchmark top by running "time top -d1", which will print one page then immediately exit. > Any ideas, why this is happening? Will I need 10 seconds, when there > are 60000 accounts in LDAP? :-) Try editing /usr/src/usr.bin/top/Makefile, add -DRANDOM_PW, and rebuild. That should probably be the default on FreeBSD anyway. -- Dan Nelson dnelson@allantgroup.com