timeout in LDAP access

Denis Excoffier cygwin@Denis-Excoffier.org
Mon Jun 16 20:39:00 GMT 2014


Hello,

I’ve exercised ‘getent' a little bit those days (with 'db_enum: all’ in /etc/nsswitch.conf), and it seems to me
that the timeout ‘tv' (3 seconds, in ldap.cc) is probably too small for servers not so quickly responsive
or with many (500000, fake or real) users around (see the call to ldap_get_next_page_s()). 300 seconds should be
enough i suppose.

Also it is a pity that LDAP_TIMEOUT is not announced to the user (except under strace: 0x55). I don’t know the
general policy for timeouts, but i consider that the user would like to be informed when the passwd/group list was
truncated.

Another (unrelated and less important) problem is that 'getent' happily produces lines with some extra ‘:’, in
particular when the gecos field itself contains ‘:’.

Regards,

Denis Excoffier.
--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple



More information about the Cygwin mailing list