Bug 681562 - id -G group resolution takes extremely long
id -G group resolution takes extremely long
Product: Fedora
Classification: Fedora
Component: sssd (Show other bugs)
Unspecified Unspecified
unspecified Severity unspecified
: ---
: ---
Assigned To: Stephen Gallagher
Fedora Extras Quality Assurance
Depends On:
Blocks: 742052
  Show dependency treegraph
Reported: 2011-03-02 10:32 EST by Marcus Moeller
Modified: 2011-09-28 17:14 EDT (History)
4 users (show)

See Also:
Fixed In Version: sssd-1.6.0-2.fc16
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 742052 (view as bug list)
Last Closed: 2011-08-22 11:19:52 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Marcus Moeller 2011-03-02 10:32:22 EST
Description of problem:

takes more than 8 minutes.

id -G $USERNAME is fast.

It seems id $USERNAME first looks up the list of groups (like 'id -G') and then requests all of the groups (and nested groups) associated with that account, as well as ALL the users in any of those groups.

Instead, sssd should only look up the groups and the LIST of users in those
groups (and not also grabbing the full set of data on those users).

Kind Regards
Comment 1 Sumit Bose 2011-03-02 11:20:44 EST
This issue it tracked upstream in https://fedorahosted.org/sssd/ticket/799 .
Comment 2 Marcus Moeller 2011-04-12 06:29:07 EDT
any update on that?
Comment 3 Jakub Hrozek 2011-04-12 06:48:27 EDT
(In reply to comment #2)
> any update on that?

Yes, the fix I did for the issue originally (downloading and saving just the minimal amount of data) did not bring as much speedup as I had hoped for. So we decided to do one more optimization - if the server supports a dereference search (OpenLDAP, 389DS) or ASQ (Active Directory), use it to get all members in a single LDAP request.

Unfortunately doing this right is much more work, so it is taking longer than originally expected. But this bug one of the blockers for 1.6, so it definitely should make that release.
Comment 4 Fedora Update System 2011-08-05 10:33:47 EDT
sssd-1.6.0-2.fc16, libtevent-0.9.13-1.fc16, libldb-1.1.0-1.fc16 has been submitted as an update for Fedora 16.
Comment 5 Fedora Update System 2011-08-22 11:19:42 EDT
sssd-1.6.0-2.fc16, libtevent-0.9.13-1.fc16, libldb-1.1.0-1.fc16 has been pushed to the Fedora 16 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.