Why is there a delay in returning the group info via getent on a group with a large number of members?

Solution Unverified - Updated -

Issue

  • When running a getent for a group with ca. 650 members it takes more than 2 seconds to get a result when sssd has no data in cache
  • The ldap query only needs 0.15 seconds to return results
  • Running a strace for the getent command shows that it waits on one system call
  • This problem has surfaced after the enumerate option was set to false due to heavy network traffic

Environment

  • Red Hat Enterprise Linux (RHEL) 5, 6 and 7
  • SSSD with a LDAP store for user and group information

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content