Bug 84070
| Summary: | RSH performance issue with hosts.equiv | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Retired] Red Hat Linux | Reporter: | Mike Gahagan <mgahagan> | ||||
| Component: | rsh | Assignee: | Karel Zak <kzak> | ||||
| Status: | CLOSED WONTFIX | QA Contact: | Ben Levenson <benl> | ||||
| Severity: | medium | Docs Contact: | |||||
| Priority: | medium | ||||||
| Version: | 7.2 | CC: | tao | ||||
| Target Milestone: | --- | ||||||
| Target Release: | --- | ||||||
| Hardware: | i386 | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2004-11-17 14:05:12 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
Created attachment 90013 [details]
trace of rshd
Won't fix. The code that evaluates /etc/hosts.equiv is located in the pam_rhosts_auth module. And the logic of code is right because into this file you can save aliases or other thigs and safe way how compare remote host with a host in the hosts.equiv is convert all to IP. |
Description of problem: This is actually with rsh-server, but I didn't see it as one of the choices. rsh-server when used with /etc/hosts.equiv will perfom many unecessary host lookups which causes significant delays in large environments, the scenario is as follows: In this environment there are many hosts listed in hosts.equiv, those hostnames are resolvable through /etc/hosts distributed by NIS. Hosts in nsswitch.conf is configured to use files, then nis, then DNS. What happens is that every entry in hosts.equiv, we get a resolution attempt through /etc/hosts, DNS, NIS seemingly at the same time. This can cause login attempts to take sometimes minutes to complete. It seems that we should only be getting resolution attempts for the client host name to see if it matches an entry in hosts.equiv. I suspect there might also be a resolver library bug of some sort as well. This problem DOES NOT occur when .rhosts files are in use. Version-Release number of selected component (if applicable): RH 6.2 glibc-devel-2.1.3-15 rsh-server-0.16-12 RH7.0 glibc-devel-2.1.92-14 rsh-server-0.17-2.2 RH7.1 glibc-devel-2.2.4-19 rsh-server-0.17-2.5 RH7.2 glibc-devel-2.2.4-24 rsh-server-0.17-5 How reproducible: Always Steps to Reproduce: 1. see description 2. 3. Actual results: Logins work as expected but many, many unneeded lookups occur. The lookups can be verified with either a packet analyzer on the network or strace'ing the rshd process. Expected results: Logins should work and unnecessary host lookups should not be performed. Additional info: Unfortunately, 'scrap rsh/rlogin & NIS for hostnames and use ssh and DNS instead' is not an acceptable answer in this environment. Joshua Jensen and Tim Kramer (both at Red Hat) can provide more information if needed. See also IT# 10403. See also the attached strace.