[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Fwd: Audit / Netlink slowness

Passing this down the grape vine... This time forwarding and not replying 



----------  Forwarded Message  ----------

Subject: Fwd: Audit / Netlink slowness
Date: Tuesday 14 June 2005 02:50
From: Jerone Young <jerone gmail com>
To: tinytim us ibm com

---------- Forwarded message ----------
From: Bernardo Innocenti <bernie develer com>
Date: Jun 14, 2005 2:04 AM
Subject: Audit / Netlink slowness
To: fedora-devel-list redhat com


on a server running kernel 2.6.11-1.1369_FC4, both ssh
and su where taking a longish amount of time (over >1.5 sec.)

Running "strace -r 2>strace.out su", I discovered that
netlink communication is the major cause of slowdown.

"su" connects to a NETLINK_AUDIT socket 3 or 4 times.
Each time it does 2 sendto() + recvfrom() operations,
with a latency of ~200ms.  This adds up to 800ms wasted

Disabling CONFIG_AUDIT in the kernel makes su and ssh
very fast again.

Is this behavior to be expected?  CONFIG_AUDIT is enabled
by default, therefore many people are going to be hit by
this problem.

  // Bernardo Innocenti - Develer S.r.l., R&D dept.
\X/  http://www.develer.com/

fedora-devel-list mailing list
fedora-devel-list redhat com


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]