FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Gentoo > Gentoo User

 
 
LinkBack Thread Tools
 
Old 10-12-2010, 06:38 AM
daid kahl
 
Default Slow Login, Sudo, etc.

Hello,

I did a large update a week or two ago (400 packages); system is ~x86.
It took awhile and needed some cleaning, but in general everything
went smoothly.

However, I noticed that logins, su, and sudo are all responding
slowly. This was all fixed and fine once I updated my configuration
files, but this week it's acting up again. Before it was just su and
sudo that I noticed as slow (authentication takes around 20 seconds).
But now even logins are delayed (xdm or command line).

As an example that I timed: su, it takes 20 seconds for the password
prompt to appear, and over 60 seconds for the login to authenticate
(assuming the correct password...it is a little faster to fail).

What package(s) are most likely to be responsible for logins and
su/sudo? I tried rebuilding (and also downgrading) pam, and I'm
trying some other things now, but no luck so far.

I'm happy to provide any information, but this kind of problem is
nothing I have experience with, so I have no sense of what else to
mention.

Cheers,
daid
 
Old 10-12-2010, 07:12 AM
daid kahl
 
Default Slow Login, Sudo, etc.

Hmm, as usual, sending email to the user list makes subsequent guesses
have good affects.

Hard to say for certain, but at present, pam is on x86, and I rebuild
most the dependencies I could find in the sudo ebuild (seemed a fine
place to start looking for relevant packages, anyway).

(pam 1.1.1-r2 is x86 and and 1.1.2 is ~x86 at present)

I ran an emerge --oneshot --verbose --ask openldap cyrus-sasl pambase bison

Or it could be gremlins...

If the problem comes back (seems possible) I'll try to see if I can
pinpoint the solution.

~daid

On 12 October 2010 15:38, daid kahl <daidxor@gmail.com> wrote:
> Hello,
>
> I did a large update a week or two ago (400 packages); system is ~x86.
> *It took awhile and needed some cleaning, but in general everything
> went smoothly.
>
> However, I noticed that logins, su, and sudo are all responding
> slowly. *This was all fixed and fine once I updated my configuration
> files, but this week it's acting up again. *Before it was just su and
> sudo that I noticed as slow (authentication takes around 20 seconds).
> But now even logins are delayed (xdm or command line).
>
> As an example that I timed: su, it takes 20 seconds for the password
> prompt to appear, and over 60 seconds for the login to authenticate
> (assuming the correct password...it is a little faster to fail).
>
> What package(s) are most likely to be responsible for logins and
> su/sudo? *I tried rebuilding (and also downgrading) pam, and I'm
> trying some other things now, but no luck so far.
>
> I'm happy to provide any information, but this kind of problem is
> nothing I have experience with, so I have no sense of what else to
> mention.
>
> Cheers,
> daid
>
 
Old 10-12-2010, 07:13 AM
daid kahl
 
Default Slow Login, Sudo, etc.

Sorry, so I put pam back to ~x86 version without any further rebuilds,
and I don't notice any trouble, so it doesn't seem related to pam at
all (my email might imply that).

~daid

On 12 October 2010 16:12, daid kahl <daidxor@gmail.com> wrote:
> Hmm, as usual, sending email to the user list makes subsequent guesses
> have good affects.
>
> Hard to say for certain, but at present, pam is on x86, and I rebuild
> most the dependencies I could find in the sudo ebuild (seemed a fine
> place to start looking for relevant packages, anyway).
>
> (pam 1.1.1-r2 *is x86 and and 1.1.2 is ~x86 at present)
>
> I ran an emerge --oneshot --verbose --ask openldap cyrus-sasl pambase bison
>
> Or it could be gremlins...
>
> If the problem comes back (seems possible) I'll try to see if I can
> pinpoint the solution.
>
> ~daid
>
> On 12 October 2010 15:38, daid kahl <daidxor@gmail.com> wrote:
>> Hello,
>>
>> I did a large update a week or two ago (400 packages); system is ~x86.
>> *It took awhile and needed some cleaning, but in general everything
>> went smoothly.
>>
>> However, I noticed that logins, su, and sudo are all responding
>> slowly. *This was all fixed and fine once I updated my configuration
>> files, but this week it's acting up again. *Before it was just su and
>> sudo that I noticed as slow (authentication takes around 20 seconds).
>> But now even logins are delayed (xdm or command line).
>>
>> As an example that I timed: su, it takes 20 seconds for the password
>> prompt to appear, and over 60 seconds for the login to authenticate
>> (assuming the correct password...it is a little faster to fail).
>>
>> What package(s) are most likely to be responsible for logins and
>> su/sudo? *I tried rebuilding (and also downgrading) pam, and I'm
>> trying some other things now, but no luck so far.
>>
>> I'm happy to provide any information, but this kind of problem is
>> nothing I have experience with, so I have no sense of what else to
>> mention.
>>
>> Cheers,
>> daid
>>
>
 
Old 10-12-2010, 02:42 PM
Paul Hartman
 
Default Slow Login, Sudo, etc.

On Tue, Oct 12, 2010 at 1:38 AM, daid kahl <daidxor@gmail.com> wrote:
> Hello,
>
> I did a large update a week or two ago (400 packages); system is ~x86.
> *It took awhile and needed some cleaning, but in general everything
> went smoothly.
>
> However, I noticed that logins, su, and sudo are all responding
> slowly. *This was all fixed and fine once I updated my configuration
> files, but this week it's acting up again. *Before it was just su and
> sudo that I noticed as slow (authentication takes around 20 seconds).
> But now even logins are delayed (xdm or command line).
>
> As an example that I timed: su, it takes 20 seconds for the password
> prompt to appear, and over 60 seconds for the login to authenticate
> (assuming the correct password...it is a little faster to fail).
>
> What package(s) are most likely to be responsible for logins and
> su/sudo? *I tried rebuilding (and also downgrading) pam, and I'm
> trying some other things now, but no luck so far.
>
> I'm happy to provide any information, but this kind of problem is
> nothing I have experience with, so I have no sense of what else to
> mention.

Recently Thomas Drueke posted about a similar problem under KDE. His
solution(s) were to unset DISPLAY in the short term, and to use KDM
(rather than startkde) in the long term. Maybe that'll help give you
some clues to solve your problem too.
 
Old 10-12-2010, 10:12 PM
walt
 
Default Slow Login, Sudo, etc.

On 10/11/2010 11:38 PM, daid kahl wrote:


However, I noticed that logins, su, and sudo are all responding
slowly. This was all fixed and fine once I updated my configuration
files, but this week it's acting up again. Before it was just su and
sudo that I noticed as slow (authentication takes around 20 seconds).
But now even logins are delayed (xdm or command line).


Whenever I see something that eventually works, but only after a long
delay, I think of DNS problems.

Who might be doing a nonsensical DNS lookup, I have no idea. But you
might consider running a packet sniffer (wireshark, etc) while logging
in or doing an su. Are you running your own local name server?
 
Old 10-13-2010, 01:38 PM
daid kahl
 
Default Slow Login, Sudo, etc.

> On 10/11/2010 11:38 PM, daid kahl wrote:
>
>> However, I noticed that logins, su, and sudo are all responding
>> slowly. *This was all fixed and fine once I updated my configuration
>> files, but this week it's acting up again. *Before it was just su and
>> sudo that I noticed as slow (authentication takes around 20 seconds).
>> But now even logins are delayed (xdm or command line).

On 13 October 2010 07:12, walt <w41ter@gmail.com> wrote:
>
> Whenever I see something that eventually works, but only after a long
> delay, I think of DNS problems.
>
> Who might be doing a nonsensical DNS lookup, I have no idea. *But you
> might consider running a packet sniffer (wireshark, etc) while logging
> in or doing an su. *Are you running your own local name server?

Very very intersting!!

The main correlation I've seen so far is with dhcpcd. Sometimes at my
work I get a 192. IP (which doesn't work), and other times I get a
133. IP (which is correct). In fact, sometimes dhcp is giving me an
IP address and resolv.conf related to a university I was visiting like
a month ago.

In other words, I know I have some networking problems, but I was
reluctant to imagine it was at all related to this login problem, even
though I had some basic empirical data on it.

Anyway, it happened again tonight, and it was resolved after I did
some of the same emerges as before, but I think that might be just
chance.

I look into the DNS stuff. Thanks for the sanity check!

~daid

PS: Sorry for the initial top posting on myself...
 
Old 10-14-2010, 12:28 AM
James Ausmus
 
Default Slow Login, Sudo, etc.

On Wed, Oct 13, 2010 at 6:38 AM, daid kahl <daidxor@gmail.com> wrote:
>> On 10/11/2010 11:38 PM, daid kahl wrote:
>>
>>> However, I noticed that logins, su, and sudo are all responding
>>> slowly. *This was all fixed and fine once I updated my configuration
>>> files, but this week it's acting up again. *Before it was just su and
>>> sudo that I noticed as slow (authentication takes around 20 seconds).
>>> But now even logins are delayed (xdm or command line).
>
> On 13 October 2010 07:12, walt <w41ter@gmail.com> wrote:
>>
>> Whenever I see something that eventually works, but only after a long
>> delay, I think of DNS problems.
>>
>> Who might be doing a nonsensical DNS lookup, I have no idea. *But you
>> might consider running a packet sniffer (wireshark, etc) while logging
>> in or doing an su. *Are you running your own local name server?
>
> Very very intersting!!
>
> The main correlation I've seen so far is with dhcpcd. *Sometimes at my
> work I get a 192. IP (which doesn't work), and other times I get a
> 133. IP (which is correct). *In fact, sometimes dhcp is giving me an
> IP address and resolv.conf related to a university I was visiting like
> a month ago.

It sounds like someone at your work might be (accidentally) running a
rogue DHCP server...

-James
 
Old 10-14-2010, 12:57 AM
Adam Carter
 
Default Slow Login, Sudo, etc.

> The main correlation I've seen so far is with dhcpcd. *Sometimes at my

> work I get a 192. IP (which doesn't work), and other times I get a

> 133. IP (which is correct). *In fact, sometimes dhcp is giving me an

> IP address and resolv.conf related to a university I was visiting like

> a month ago.



It sounds like someone at your work might be (accidentally) running a

rogue DHCP server...



For the 192 address - yeah, someone has probably plugged a WLAN or ADSL router into the local network, and other people will be have the same problem. If they were purposely running a rogue DHCP server to perform a Man In the Middle attack you wouldn't notice any connectivity problems (assuming they set it up correctly).


When dhcpcd fails to get a response from a DHCP server it will typically fall back to Zeroconf/RFC3927 behavior and assign a a169.245.x.y address.

Getting the university address is very odd. AFAIK dhcpcd has no function to fall back to the address from an expired lease.


Grep your logs for dhcpcd and post the result.
 
Old 10-15-2010, 07:24 AM
daid kahl
 
Default Slow Login, Sudo, etc.

>
>> > The main correlation I've seen so far is with dhcpcd. *Sometimes at my
>> > work I get a 192. IP (which doesn't work), and other times I get a
>> > 133. IP (which is correct). *In fact, sometimes dhcp is giving me an
>> > IP address and resolv.conf related to a university I was visiting like
>> > a month ago.
>>
>> It sounds like someone at your work might be (accidentally) running a
>> rogue DHCP server...
>>
>
> For the 192 address - yeah, someone has probably plugged a WLAN or ADSL
> router into the local network, and other people will be have the same
> problem. If they were purposely running a rogue DHCP server to perform a Man
> In the Middle attack you wouldn't notice any connectivity problems (assuming
> they set it up correctly).
>

Yes. I was getting the wireless IP. Turns out my officemate had
turned off the dhcp server. >_<

>
> Getting the university address is very odd. AFAIK dhcpcd has no function to
> fall back to the address from an expired lease.
>
> Grep your logs for dhcpcd and post the result.
>

I found the outdated static configuration file. Woops!

Well, so that was a very silly problem! Non-commented dated
configuration file and broken dhcp server. But the behavior was so
random. And I never new that the DNS lookup would delay logins. So
that was very educational.

Regards,
daid
 

Thread Tools




All times are GMT. The time now is 08:10 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org