current-users: Re: pwd_mkdb - 29,000 users in 7 Seconds.

Subject: Re: pwd_mkdb - 29,000 users in 7 Seconds.
To: None <current-users@netbsd.org, netbsd-users@netbsd.org>
From: Stephen M Jones <smj@cirr.com>
List: current-users
Date: 08/09/2001 12:16:50

I always wondered about their name.

Anyways after much frobbing of pwd_mkdb, I've found a short term
solution and perhaps a long term solution for secure machines.

Basically, I did the cache/sizing adjustments as mentioned in
my previous email which helped get the smaller, less stock but
still extremely huge hash tables in and out of memory faster.
That got me down to about
19 seconds for a 29,000 user database rebuild.

This morning I went ahead and tried the MFS idea.  So now
*pwd.db.* files are created and stored in memory.  It was mentioned
to me that this would be a security risk, if anyone on the system
figured out how to read by accessing group kmem.  Are there any
know security holes for reading memory from a user level process?

Anyway, I went ahead and made the redefines in pwd.h at my own
discretion and will go rebuild whatever utilities need those
defintions to avoid creating funky symlinks.

Here are the stats:


Thu Aug  9 12:46:55 UTC 2001
# time passwd marvelli 
Changing local password for marvelli.
New password:
Please enter a longer password.
New password:
Retype new password:
date
    6.59s real     3.43s user     1.44s system
# date
Thu Aug  9 12:47:03 UTC 2001

tmp files:
total 39604
drwxrwxrwt   2 root  wheel       512 Aug  9 12:46 .
drwxr-xr-x  17 root  wheel       512 Aug  9 12:34 ..
-rw-r--r--   1 root  wheel  10690560 Aug  9 12:46 pwd.db
-rw-r--r--   1 root  wheel         0 Aug  9 12:46 pwd.db.tmp
-rw-------   1 root  wheel  11181056 Aug  9 12:46 spwd.db
total 57444
drwxrwxrwt   2 root  wheel       512 Aug  9 12:47 .
drwxr-xr-x  17 root  wheel       512 Aug  9 12:34 ..
-rw-r--r--   1 root  wheel  10690560 Aug  9 12:46 pwd.db
-rw-r--r--   1 root  wheel  10690560 Aug  9 12:47 pwd.db.tmp
-rw-------   1 root  wheel  11181056 Aug  9 12:46 spwd.db
-rw-------   1 root  wheel         0 Aug  9 12:47 spwd.db.tmp
total 76436
drwxrwxrwt   2 root  wheel       512 Aug  9 12:47 .
drwxr-xr-x  17 root  wheel       512 Aug  9 12:34 ..
-rw-r--r--   1 root  wheel  10690560 Aug  9 12:46 pwd.db
-rw-r--r--   1 root  wheel  10690560 Aug  9 12:47 pwd.db.tmp
-rw-------   1 root  wheel  11181056 Aug  9 12:46 spwd.db
-rw-------   1 root  wheel  10997760 Aug  9 12:47 spwd.db.tmp
total 39604
drwxrwxrwt   2 root  wheel       512 Aug  9 12:47 .
drwxr-xr-x  17 root  wheel       512 Aug  9 12:34 ..
-rw-r--r--   1 root  wheel  10690560 Aug  9 12:47 pwd.db
-rw-------   1 root  wheel  11181056 Aug  9 12:47 spwd.db