Very slow password validation
Jerry Amundson
jamundso at gmail.com
Thu Aug 14 01:51:32 UTC 2008
On Wed, Aug 13, 2008 at 8:22 PM, Jim Cornette <fct-cornette at wowway.com> wrote:
> Tomas Mraz wrote:
>>
>> On Thu, 2008-07-31 at 20:20 -0400, Jim Cornette wrote:
>>>
>>> Jim Cornette wrote:
>>>>
>>>> Tomas Mraz wrote:
>>>>>>
>>>>>> AS with Clyde, it is in gnome-terminal issuing the su - command
>>>>>> I have ssh disabled.
>>>>>
>>>>> Can you strace the process and see where it is waiting? You will have
>>>>> to
>>>>> attach the strace to the su process from another root shell of course.
>>>>
>>>> It appears to be hanging only on the first su - instance. When I logged
>>>> in one terminal by su - and logged in the second terminal with su to attach,
>>>> it was fairly quick.
>>>>
>>>> If the attachment does not give you a clue, I'll log in a regular root
>>>> console to attach. See text file attached.
>>>>
>>>> Jim
>>>>
>>> It looks like time to change the root password :-)
>>
>> I also didn't ask you to attach the full strace but told you that you
>> should use it to find out where the process is waiting. :-) But I should
>> have write a warning that the strace will contain the password so some
>> testing password should be used.
>>
>> Also attaching a gdb to the process and printing a backtrace (especially
>> with relevant -debuginfo) packages can help to find out where the
>> process is waiting.
>>
>
> Sorry for posting the whole trace, If I would have skimmed through the trace
> first I would have noted the password was in it and not have carelessly
> posted the info.
>
> Anyway, the problem seems to be an initial login as root, even at runlevel 3
> and on a vt. Later logins do not seem to have the delay.
It's possible I'm on a tangent, but what settings does
/etc/nsswitch.conf have for passwd/shadow/group/hosts?
Specifically, I see slow validation when any of the above items
contains something in addition to "files" and the corresponding
addition is unavailable or slow in responding.
jerry
--
Some people say I have A.D.D. but they just don't understand. Oh look!
A chicken!
More information about the fedora-test-list
mailing list