diff --git a/ChangeLog b/ChangeLog index 2a8af851..a29a2e2f 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,10 @@ +2009-07-18 Peter Vrabec + + * NEWS, libmisc/find_new_gid.c, libmisc/find_new_uid.c: Do not use + getpwent / getgrent for system accounts. Trying the low-IDs with + getpwuid / getgrgid should be more efficient on LDAP configured + systems with many accounts. + 2009-07-05 Piarres Beobide * po/eu.po: Updated Basque translation. diff --git a/NEWS b/NEWS index 3654831c..170fe29b 100644 --- a/NEWS +++ b/NEWS @@ -5,6 +5,10 @@ shadow-4.1.4.1 -> shadow-4.1.4.2 UNRELEASED - general * Improved support for large groups (impacts most tools). +- addition of system users or groups + * Speed improvement. This should be noticeable in case of LDAP configured + systems. This should impact useradd, groupadd, and newusers + - su * Preserve the DISPLAY and XAUTHORITY environment variables. This was only the case in the non PAM enabled versions. diff --git a/libmisc/find_new_gid.c b/libmisc/find_new_gid.c index 5c260b72..ed72f289 100644 --- a/libmisc/find_new_gid.c +++ b/libmisc/find_new_gid.c @@ -90,17 +90,31 @@ int find_new_gid (bool sys_group, * but we also check the local database (gr_rewind/gr_next) in case * some groups were created but the changes were not committed yet. */ - setgrent (); - while ((grp = getgrent ()) != NULL) { - if ((grp->gr_gid >= group_id) && (grp->gr_gid <= gid_max)) { - group_id = grp->gr_gid + 1; + if (sys_group ) { + /* setgrent / getgrent / endgrent can be very slow with + * LDAP configurations (and many accounts). + * Since there is a limited amount of IDs to be tested + * for system accounts, we just check the existence + * of IDs with getgrgid. + */ + for (group_id = gid_min; group_id <= gid_max; group_id++) { + if (getgrgid (group_id) != NULL) { + used_gids[grp->gr_gid] = true; + } } - /* create index of used GIDs */ - if (grp->gr_gid <= gid_max) { - used_gids[grp->gr_gid] = true; + } else { + setgrent (); + while ((grp = getgrent ()) != NULL) { + if ((grp->gr_gid >= group_id) && (grp->gr_gid <= gid_max)) { + group_id = grp->gr_gid + 1; + } + /* create index of used GIDs */ + if (grp->gr_gid <= gid_max) { + used_gids[grp->gr_gid] = true; + } } + endgrent (); } - endgrent (); gr_rewind (); while ((grp = gr_next ()) != NULL) { if ((grp->gr_gid >= group_id) && (grp->gr_gid <= gid_max)) { diff --git a/libmisc/find_new_uid.c b/libmisc/find_new_uid.c index 74f5709c..3f3d0a95 100644 --- a/libmisc/find_new_uid.c +++ b/libmisc/find_new_uid.c @@ -80,7 +80,6 @@ int find_new_uid (bool sys_user, return 0; } - user_id = uid_min; /* @@ -91,17 +90,31 @@ int find_new_uid (bool sys_user, * but we also check the local database (pw_rewind/pw_next) in case * some users were created but the changes were not committed yet. */ - setpwent (); - while ((pwd = getpwent ()) != NULL) { - if ((pwd->pw_uid >= user_id) && (pwd->pw_uid <= uid_max)) { - user_id = pwd->pw_uid + 1; + if (sys_user) { + /* setpwent / getpwent / endpwent can be very slow with + * LDAP configurations (and many accounts). + * Since there is a limited amount of IDs to be tested + * for system accounts, we just check the existence + * of IDs with getpwuid. + */ + for (user_id = uid_min; user_id <= uid_max; user_id++) { + if (getpwuid (user_id) != NULL) { + used_uids[user_id] = true; + } } - /* create index of used UIDs */ - if (pwd->pw_uid <= uid_max) { - used_uids[pwd->pw_uid] = true; + } else { + setpwent (); + while ((pwd = getpwent ()) != NULL) { + if ((pwd->pw_uid >= user_id) && (pwd->pw_uid <= uid_max)) { + user_id = pwd->pw_uid + 1; + } + /* create index of used UIDs */ + if (pwd->pw_uid <= uid_max) { + used_uids[pwd->pw_uid] = true; + } } + endpwent (); } - endpwent (); pw_rewind (); while ((pwd = pw_next ()) != NULL) { if ((pwd->pw_uid >= user_id) && (pwd->pw_uid <= uid_max)) {