From nobody Mon Oct  7 15:33:51 2024
X-Original-To: freebsd-hackers@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4XMjqY2vWKz5YLKC
	for <freebsd-hackers@mlmmj.nyi.freebsd.org>; Mon, 07 Oct 2024 15:34:01 +0000 (UTC)
	(envelope-from zarychtam@plan-b.pwste.edu.pl)
Received: from plan-b.pwste.edu.pl (plan-b.pwste.edu.pl [IPv6:2001:678:618::40])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (2048 bits) client-digest SHA256)
	(Client CN "plan-b.pwste.edu.pl", Issuer "GEANT OV RSA CA 4" (not verified))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4XMjqX6HxVz4RTr
	for <freebsd-hackers@freebsd.org>; Mon,  7 Oct 2024 15:34:00 +0000 (UTC)
	(envelope-from zarychtam@plan-b.pwste.edu.pl)
Authentication-Results: mx1.freebsd.org;
	none
Received: from [IPV6:2001:678:618:402f:c1d6:e548:55ce:baed] ([IPv6:2001:678:618:402f:c1d6:e548:55ce:baed])
	(authenticated bits=0)
	by plan-b.pwste.edu.pl (8.18.1/8.17.2) with ESMTPSA id 497FXt96004518
	(version=TLSv1.3 cipher=TLS_AES_128_GCM_SHA256 bits=128 verify=NO);
	Mon, 7 Oct 2024 17:33:55 +0200 (CEST)
	(envelope-from zarychtam@plan-b.pwste.edu.pl)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=plan-b.pwste.edu.pl;
	s=plan-b-mailer; t=1728315235;
	bh=X1vBL4VGs0cc++qaJc7+tCvvQzRlWSXC7YIcnh7n8es=;
	h=Date:From:Subject:To:References:Cc:In-Reply-To;
	b=fDTEuV7WtBMxd6NymKIthe5+g42sB//LpFgw8wlMBkC6l0xL/fX+EATwwKtcXp+rN
	 OH/fyiW3OQpVM0VgaYZXJPHtvgvtxOYSaRFan3vNpk1Kq15Zm7q8t85HUX6UVMDoXf
	 Xch/2zB29jZGAihtg7OioCNmOtOqyx0aMAHLtDp1taIOXCXnF4ifrSggh1V1CG1U51
	 l70hbn1i4Ttt3y5V7A2ADndhFSJzGffAm+T5yAdo+3/7RHGk0ZZnq+iCJo6sPqX0h4
	 LEsaiuQx7NouokZ8QVVFf70TTTHeo7K53ctKDr+wVfnVPSnP8K7oqKvq3yAUR7Wh8U
	 UUK2lWBOf2rLw==
Content-Type: multipart/alternative;
 boundary="------------D1rFfEvTaTiecJtZmNdQ5XEB"
Message-ID: <a9b5e3e7-904f-46be-ab0e-068c6e6fef0a@plan-b.pwste.edu.pl>
Date: Mon, 7 Oct 2024 18:33:51 +0300
List-Id: Technical discussions relating to FreeBSD <freebsd-hackers.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-hackers
List-Help: <mailto:freebsd-hackers+help@freebsd.org>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Subscribe: <mailto:freebsd-hackers+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-hackers+unsubscribe@freebsd.org>
Sender: owner-freebsd-hackers@FreeBSD.org
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
From: Marek Zarychta <zarychtam@plan-b.pwste.edu.pl>
Subject: Re: Review D38047 ... and then there was one....
To: David Cross <dcrosstech@gmail.com>
References: <1fd47603-0bf2-4fcf-a556-22335d99e203@plan-b.pwste.edu.pl>
 <DB1FFEBD-1FD4-43A5-9899-85C6DD292E3E@gmail.com>
Content-Language: en-US
Cc: freebsd-hackers@freebsd.org
In-Reply-To: <DB1FFEBD-1FD4-43A5-9899-85C6DD292E3E@gmail.com>
X-Rspamd-Pre-Result: action=no action;
	module=replies;
	Message is reply to one we originated
X-Spamd-Result: default: False [-4.00 / 15.00];
	REPLY(-4.00)[];
	ASN(0.00)[asn:206006, ipnet:2001:678:618::/48, country:PL]
X-Rspamd-Queue-Id: 4XMjqX6HxVz4RTr
X-Spamd-Bar: ----

This is a multi-part message in MIME format.
--------------D1rFfEvTaTiecJtZmNdQ5XEB
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit

W dniu 7.10.2024 o 07:05, David Cross pisze:

> How many entries are in your ldap structure?  I can attempt a replication here

Hello David,

I will rather not expose it publicly. Whole LDAP directory contains few 
thousand entries - and it was was used for the tests mentioned in this 
thread.

With the filters applied I see below 1k entries, and then lookup with 
nsdc running takes: first lookup 0.16s, next lookups 0.09s, while 
without nscd it varies from 0.12 to 0.08 - so nscd performs OK.

I have your patch applied and I am still testing it with 
net/nss-pam-ldapd from ports with patch for login classes applied (it's 
present in port but not enabled by default). So far it works without issues.

-- 
Marek Zarychta

--------------D1rFfEvTaTiecJtZmNdQ5XEB
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: 8bit

<!DOCTYPE html>
<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
  </head>
  <body>
    <p>W dniu 7.10.2024 o 07:05, David Cross pisze: </p>
    <blockquote type="cite"
      cite="mid:DB1FFEBD-1FD4-43A5-9899-85C6DD292E3E@gmail.com">
      <pre wrap="" class="moz-quote-pre">How many entries are in your ldap structure?  I can attempt a replication here</pre>
    </blockquote>
    <p>Hello David, <br>
    </p>
    <p>I will rather not expose it publicly. Whole LDAP directory
      contains few thousand entries - and it was was used for the tests
      mentioned in this thread.</p>
    <p>With the filters applied I see below 1k entries, and then lookup
      with nsdc running takes: first lookup 0.16s, next lookups 0.09s,
      while without nscd it varies from 0.12 to 0.08 - so nscd performs
      OK. <br>
    </p>
    <p>I have your patch applied and I am still testing it with
      net/nss-pam-ldapd from ports with patch for login classes applied
      (it's present in port but not enabled by default). So far it works
      without issues.<br>
    </p>
    <p><span style="white-space: pre-wrap">
</span></p>
    <pre class="moz-signature" cols="72">-- 
Marek Zarychta</pre>
  </body>
</html>

--------------D1rFfEvTaTiecJtZmNdQ5XEB--