netbsd-users: Re: pwd_mkdb - Lets do this differently!

Subject: Re: pwd_mkdb - Lets do this differently!
To: None <netbsd-users@netbsd.org, netbsd-current@netbsd.org>
From: Stephen M Jones <smj@cirr.com>
List: netbsd-users
Date: 08/08/2001 21:27:52
Takahiro write:

> Very interesting.  What about process size of pwd_mkdb(8)?

 2256K 3128K sleep     0:04  4.10%  4.00% pwd_mkdb at start up
 and growing by a few K.

  284.39s real     4.07s user    10.12s system (running $ time passwd)

I know you sent a PR back in January in 1999 regarding this and
making a -u flat for pwd_mkdb to update a user record.  There
have been significant changes to pwd_mkdb in the past two years
that your patches no longer can just be applied.  Its possible
to be done by hand, but what I'd rather see is just getting this
settled once in for all.  

For all NetBSD admins who intend to use the stock password 
manipulation tools for say more than 10k+ users bases who demand
realtime updates (user invoked commands such as chpass) we'd
all pretty much agree that "NetBSD isn't ready for prime time"

I've received a few messages from people who are confident that this
is an easy hack.  If it is really easy, then lets see it happen!  I
think for those of us who do have large userbases, that its almost
imparative that this sort of fundamental change be made if we just
put our efforts together.

> Once I implement the CGI adding bulk user in my real world.  (It was
> on FreeBSD 2.2.8 with almost the same logic.)
> 
> 1. Adding all new user and modifying all user in master.passwd.
> 2. Executing pwd_mkdb(8).
> 3. Creating User's home directories.
> 
> 2. and 3. process are done in background for preventing CGI's timeout.
> 
> Just for your information.

Right, if you are just adding accounts or 'only doing updates every
hour on the hour' this might work for the interim.  For my situation
The breakdown has been like this (for the past 8 days):

usermod:  23    ; invoked by me to move a user into a new group
stacct: 1574    ; my passwd/shadow apend program .. basically a 'useradd'
                  run on demand 24/7
purgem:  481    ; script that purges inactive / suicide accounts 'userdel'
chsh:    179    ; change shell
chfn:     60    ; GECOS field frobbing
passwd:  138    ; password field update.

These can be done rather quickly (within seconds if not less) with 
passwd/shadow suite and 29,000+ accounts.

Of course the draw back to flat files is ls -la /var/spool/mail waits for
ever... but you're just asking for that, aren't you? and its a trade off,
yes .. but for me it much more worth while to have to wait on an ls on a
directory I'd never do an ls -la in anyway than having to wait for 12mb
and growing) pwd.db and spwd.db to be regenerated.

Thanks to David Brownlee and Erik for suggesting use of yellow plague.  Its
something I have considered as well as I will have to move two production
leenox machines (same userbase) to two NetBSD machines.  If the yellow
plague can be sped up I'd like to see more information posted regarding
the technical aspects of it.

Thanks guys, keep communicating!

SMJ