Zsh Mailing List Archive
Messages sorted by: Reverse Date, Date, Thread, Author

Re: Multi-Minute Startup?

In the last episode (Aug 11), Aaron Davies said:
> On Sat, Aug 9, 2008 at 12:03 AM, Benjamin R. Haskell wrote:
> > On Fri, 8 Aug 2008, Aaron Davies wrote:
> >> On Fri, Aug 8, 2008 at 10:58 AM, Dan Nelson wrote:
> >>> In the last episode (Aug 08), Aaron Davies said:
> >>>>
> >>>> FWIW, "getent group" returns 773 lines and takes about 3.5
> >>>> minutes to run.
> >>>
> >>> If it takes that long to return only 773 lines, you should
> >>> probably turn on nscd, or if it's already on, crank up the cache
> >>> size and TTL.
> ok, it is running, and it looks like it should be doing something.
> > egrep passwd\|group /etc/nscd.conf
> # Currently supported cache names (services): passwd, group, hosts
>         enable-cache            passwd          yes
>         positive-time-to-live   passwd          600
>         negative-time-to-live   passwd          20
>         suggested-size          passwd          211
>         check-files             passwd          yes
>         persistent              passwd          yes
>         shared                  passwd          yes
>         enable-cache            group           yes
>         positive-time-to-live   group           3600
>         negative-time-to-live   group           60
>         suggested-size          group           211
>         check-files             group           yes
>         persistent              group           yes
>         shared                  group           yes
> how would you suggest i modify these?
> there are about 700 users and 800 groups in the getent results.

Disable persistent; nscd will crash when its persistent cache fills up.
Raise suggested-size to 1601 (a prime number larger than your current
list size with some room to grow).  Also, raise "positive-time-to-live
passwd" to 3600.  Group membership changes a lot more often than passwd
data does, so you might as well make them the same.  If you change
group memberships a lot, you might want to lower the group TTL (or
remember to bounce nscd whenever you make a change).  Note that
passwords aren't managed by nsswitch/nscd, so don't worry about a high
value desynchronizing passwords.

You can verify that it's working by timing two consecutive "getent
group" runs; the 2nd should return the entire list immediately.  "nscd
-g" also prints some stats, like hit and miss counts.

	Dan Nelson

Messages sorted by: Reverse Date, Date, Thread, Author