login: recursive calls to NSS can cause commits to massively slow down
In progress, NormalPublicBUG
Actions

Assigned To

Authored By

	c-po
	Wed, Dec 10, 7:47 PM

Description

When system_login.py runs, it uses get_local_users(), which calls pwd.getpwall() to retrieve all users from NSS - including TACACS. If the TACACS server is slow or unresponsive, this call incurs a timeout and blocks the CLI.

The code then unnecessarily calls pwd.getpwnam() for each username returned by pwd.getpwall() - sometimes twice per user - triggering additional NSS lookups and repeated timeouts. This is redundant because pwd.getpwall() already provides the UID for every user. The extra lookups only add overhead and worsen the delay, so they should be removed.

Details

Version: 1.4.3
Is it a breaking change?: Perfectly compatible
Issue type: Bug (incorrect behavior)

Related Objects
Search...

		Status	Subtype	Assigned	Task
		Wontfix	BUG	c-po	T7234 Local User Commits Get Stuck When TACACS Servers Are Unavailable
		In progress	BUG	c-po	T8088 login: recursive calls to NSS can cause commits to massively slow down

Event Timeline

c-po created this task.Wed, Dec 10, 7:47 PM

c-po changed the task status from Open to In progress.

c-po claimed this task.

c-po triaged this task as Normal priority.

c-po renamed this task from tacacs: recursive calls to NSS can cause commits to massively slow down to login: recursive calls to NSS can cause commits to massively slow down.Wed, Dec 10, 7:49 PM

login: recursive calls to NSS can cause commits to massively slow downIn progress, NormalPublicBUGActions

Description

Details

Related ObjectsSearch...

Event Timeline

login: recursive calls to NSS can cause commits to massively slow down
In progress, NormalPublicBUG
Actions

Related Objects
Search...