extremely slow sudo with many network interfaces due to slow getifaddrs() syscall perf
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
sudo (Ubuntu) |
Fix Released
|
Medium
|
Chris J Arges | ||
Precise |
Won't Fix
|
Undecided
|
Unassigned |
Bug Description
Sudo performance degrades when many network interfaces exist. This is due to a slow getifaddrs() syscall performance on linux. Upsteam has added the ability to disable the checking the network interfaces with a runtime option in version 1.8.10 with commit http://
Upstream discussion: http://
This is on Ubuntu 12.04 w/ Sudo 1.8.3p1-1ubuntu3.4. The fix does need to land on trusty before it can be SRUed.
[Impact]
Test case results:
w/ sudo: At the end of the test per the real time per sudo command is as high as .16 and takes almost 13 minutes.
w/ root: At the end of the test the real time per command is .02/.03 and takes about 7 minutes total.
[Test Case]
#!/bin/bash
SUDO=sudo
for i in `seq 1 $1`
do
j=`printf %.4d $i`
$SUDO ip netns add bar${j}
$SUDO ip netns exec bar${j} ip link set lo up
$SUDO ip netns exec bar${j} sysctl -w net.ipv4.
$SUDO ip link add qroutside${j} type veth peer name qrinside${j} netns bar${j}
/usr/bin/time -f "%e" $SUDO ip link add qgoutside${j} type veth peer name qginside${j} netns bar${j}
done
echo Created $j
1. Run with argument 2000.
2. Reboot
3. Change line to SUDO= and then run as root still with argument 2000.
[Regression Potential]
This is adding one runtime variable, that was previously only a compile time variable.
Related branches
Changed in sudo (Ubuntu): | |
assignee: | nobody → Chris J Arges (arges) |
importance: | Undecided → Medium |
status: | New → In Progress |
summary: |
- Slow sudo; Backport ability to disable network interface probing + extremely slow sudo with many network interfaces due to slow + getifaddrs() syscall perf |
This bug was fixed in the package sudo - 1.8.9p4-1ubuntu2
---------------
sudo (1.8.9p4-1ubuntu2) trusty; urgency=medium
* Enable and refresh: actually- use-buildflags: Pass LDFLAGS everywhere
* Add the ability to disable network interface probing. This fixes
performance issues with large number of network interfaces (LP: #1272414)
-- Chris J Arges <email address hidden> Tue, 28 Jan 2014 05:07:02 -0600