198160 – Should have hash files for lastlog and faillog

Bug 198160 - Should have hash files for lastlog and faillog

Summary: Should have hash files for lastlog and faillog

Keywords:
Status:	CLOSED WONTFIX
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	pam
Sub Component:
Version:	rawhide
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Tomas Mraz
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2006-07-10 12:28 UTC by Russell Coker
Modified:	2010-12-06 11:16 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Doc Type:	Enhancement
Doc Text:
Clone Of:
Environment:
Last Closed:	2010-12-06 11:16:11 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Russell Coker 2006-07-10 12:28:42 UTC

The lastlog and faillog files deliver inadequate performance when there are 
UID numbers in the >500,000,000 range.  A test on a Pentium-M 1.7GHz showed 
the "faillog" program taking over a minute of CPU time.

faillog is in the shadow-utils package but I'm filing the bug report against 
pam because of pam_tally.so and other modules that use it.

A hacky solution would be to have the same format of the faillog and lastlog 
files (with holes) but to have a hash table in a separate file that indicates 
which parts of the files are not holes.

I think that the best long-term solution is to migrate to a new file format 
and break compatibility (as we did with utmp).

Comment 1 David Tonhofer 2009-01-18 23:08:25 UTC

I second the motion to have a non-sparse representation of "faillog". For problems with the sparse representation of "lastlog", see bug#146214.

Comment 2 Tomas Mraz 2010-12-06 11:16:11 UTC

pam_faillock uses a different data structure - a file per user in a /var/run/faillock directory. This should be reasonably scalable.

Note You need to log in before you can comment on or make changes to this bug.