[sudo-workers] Is there a way to avoid get_net_ifs() when the information won't be used?

Rick Jones rick.jones2 at hp.com
Thu Jan 23 11:58:20 MST 2014 

On 01/23/2014 09:12 AM, Todd C. Miller wrote:
> It looks like getifaddrs() is slow on Linux when there are a lot
> of aliases.  I guess when they made getifaddrs() support IPv6 they
> changed how it gets the interface list from ioctl() (which could
> grab the list at once) to using recvmsg() with AF_NETLINK to query
> each one.
>
> I'm afraid that's more or a Linux bug than a sudo bug, though you
> can certainly disable this with configure's --without-interfaces
> option.  I'll consider adding a sudo.conf flag to disable it at
> run-time.

A run-time switch would be splendid.

I've gone ahead and fired-up a FreeBSD 9.2-RELEASE VM, and created 8000 
"gre" interfaces (without IPs assigned, just "ifconfig greN create")and 
while there was a slight increase in time for sudo (unpatched 1.8.9p4) 
of a few milliseconds, it wasn't nearly as bad as under Linux.  I'm 
going to spin-up a similar, Ubuntu 13.10 VM to get a better A/B 
comparison (everything I've mentioned thusfar has been bare-iron, but I 
don't have the luxury of running FreeBSD on bare-iron) and perhaps 
mention it to the Linux netdev folks.  Would you like to be cc'd on that 
message?

rick jones

I'm guessing the two __sysctl calls are the getifaddrs() call.  The will 
consider printf is after the list returned by getifaddrs has been walked:
  72152: 0.019917261 0.000043360 write(1,"Calling getifaddrs\n",19) = 19 
(0x13)
  72152: 0.024739789 0.004785398 
__sysctl(0x7fffffffd3e0,0x6,0x0,0x7fffffffd3f8,0x0,0x0) = 0 (0x0)
  72152: 0.029714707 0.004927368 
__sysctl(0x7fffffffd3e0,0x6,0x8010b7000,0x7fffffffd3f8,0x0,0x0) = 0 (0x0)
  72152: 0.030023597 0.000087140 
mmap(0x0,8388608,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANON,-1,0x0) = 
34380709888 (0x801400000)
  72152: 0.030216827 0.000092880 munmap(0x801800000,4194304) = 0 (0x0)
  72152: 0.033205415 0.000597889 
madvise(0x8010b7000,0x1b6000,0x5,0xb6,0x7fffffffca70,0x1) = 0 (0x0)
  72152: 0.033477685 0.000106420 write(1,"Will consider 1 out of 8008 
inte"...,39) = 39 (0x27)

I don't have access to Solaris or AIX, nor ready access to HP-UX to try 
those.

More information about the sudo-workers mailing list