Bug 84070 - RSH performance issue with hosts.equiv
RSH performance issue with hosts.equiv
Status: CLOSED WONTFIX
Product: Red Hat Linux
Classification: Retired
Component: rsh (Show other bugs)
7.2
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Karel Zak
Ben Levenson
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2003-02-11 16:07 EST by Mike Gahagan
Modified: 2007-04-18 12:51 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2004-11-17 09:05:12 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
trace of rshd (244.19 KB, application/octet-stream)
2003-02-11 16:10 EST, Mike Gahagan
no flags Details

  None (edit)
Description Mike Gahagan 2003-02-11 16:07:21 EST
Description of problem:
This is actually with rsh-server, but I didn't see it as one of the choices.

rsh-server when used with /etc/hosts.equiv will perfom many unecessary host
lookups which causes significant delays in large environments, the scenario is
as follows:

In this environment there are many hosts listed in hosts.equiv, those hostnames
are resolvable through /etc/hosts distributed by NIS. Hosts in nsswitch.conf is
configured to use files, then nis, then DNS. What happens is that every entry in
hosts.equiv, we get a resolution attempt through /etc/hosts, DNS, NIS seemingly
at the same time. This can cause login attempts to take sometimes minutes to
complete. It seems that we should only be getting resolution attempts for the
client host name to see if it matches an entry in hosts.equiv. I suspect there
might also be a resolver library bug of some sort as well.

This problem DOES NOT occur when .rhosts files are in use.

Version-Release number of selected component (if applicable):

RH 6.2
glibc-devel-2.1.3-15
rsh-server-0.16-12

RH7.0
glibc-devel-2.1.92-14
rsh-server-0.17-2.2

RH7.1
glibc-devel-2.2.4-19
rsh-server-0.17-2.5

RH7.2
glibc-devel-2.2.4-24
rsh-server-0.17-5


How reproducible:

Always

Steps to Reproduce:
1. see description
2.
3.
    
Actual results:

Logins work as expected but many, many unneeded lookups occur. The lookups can
be verified with either a packet analyzer on the network or strace'ing the rshd
process.

Expected results:

Logins should work and unnecessary host lookups should not be performed.

Additional info:

Unfortunately, 'scrap rsh/rlogin & NIS for hostnames and use ssh and DNS
instead' is not an acceptable answer in this environment. Joshua Jensen and Tim
Kramer (both at Red Hat) can provide more information if needed. See also IT#
10403. See also the attached strace.
Comment 1 Mike Gahagan 2003-02-11 16:10:33 EST
Created attachment 90013 [details]
trace of rshd
Comment 2 Karel Zak 2004-11-17 09:05:12 EST
Won't fix. The code that evaluates /etc/hosts.equiv is located in the
pam_rhosts_auth module. And the logic of code is right because into
this file you can save aliases or other thigs and safe way how compare
remote host with a host in the hosts.equiv is convert all to IP.

Note You need to log in before you can comment on or make changes to this bug.