Re: sshd repeated polling for non-local uidNumber?
- From: Dave Sclarsky <dsclarsky [at] netquestcorp.com>
- To: Arthur de Jong <arthur [at] arthurdejong.org>, "nss-pam-ldapd-users [at] lists.arthurdejong.org" <nss-pam-ldapd-users [at] lists.arthurdejong.org>
- Subject: Re: sshd repeated polling for non-local uidNumber?
- Date: Fri, 15 May 2020 22:09:59 +0000
Hi Arthur,
Thanks for the quick response.
Indeed if I do a ps it triggers a query - so I tried logging in with 2 LDAP users simultaneously, and now a ps command queries for both.
So I think you hit the nail on the head - we probably have some periodic processing that's triggering the name lookups.
We'll do more investigation to see what it might be, but I guess the bottom line is that it's expected behavior that we can't really change - is that correct?
Thanks again,
DaveS.

From: nss-pam-ldapd-users on behalf of Arthur de Jong
Sent: Friday, May 15, 2020 12:23 PM
To: nss-pam-ldapd-users@lists.arthurdejong.org
Subject: Re: sshd repeated polling for non-local uidNumber?

On Fri, 2020-05-15 at 15:16 +0000, Dave Sclarsky wrote:
> One thing I noticed is that if a user logs in via ssh and is
> authenticated via LDAP, we see repeated queries to the LDAP server as
> shown below, but only if the uidNumber in the LDAP database is not
> present in the local Linux password database. The repeated polling
> seems to happen once a minute if the user is idle at a shell prompt,
> and will also happen when they enter certain commands (e.g. ps).
> Here's output from nslcd -d showing the poll:
>
> nslcd: [0e0f76] DEBUG: connection from pid=27529 uid=0 gid=0

If you have a test-setup you could try to figure out what process ID 27529 is. I don't know of any regular name lookups of idle shells but if it runs every minute it could be some cron job.

There are a lot of things that could trigger this. If there is a process that runs e.g. `ps -ef` on the system it will do name lookups for all users that own processes on the system. I've also seen bash completion triggering name lookups under certain conditions so there are a lot of processes that can potentially cause this.

One way to limit the load on your LDAP server for this is to use nscd or unscd which will ensure that repeated lookups do not all hit nslcd.

Hope this helps,

--
-- arthur - arthur@arthurdejong.org - https://arthurdejong.org/ --
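One way to follow the suggestion above of working out which process is behind each `connection from pid=...` line, as an added example that is not part of the original thread: it reads `nslcd -d` output as it arrives and looks the pid up in `/proc` immediately, since a short-lived client such as `ps` is gone soon after its lookup. The function names, the script name and the two extra sample lines are assumptions made for illustration.

```python
import re
import sys
from collections import Counter

# Format taken from the debug line quoted in the thread.
CONN_RE = re.compile(r"connection from pid=(\d+) uid=(\d+) gid=(\d+)")

# First line is from the thread; the other two are constructed for illustration.
SAMPLE = [
    "nslcd: [0e0f76] DEBUG: connection from pid=27529 uid=0 gid=0",
    "nslcd: [0e0f77] DEBUG: connection from pid=27529 uid=0 gid=0",
    "nslcd: [0e0f78] DEBUG: connection from pid=31002 uid=1000 gid=1000",
]


def parse_connection(line):
    """Return (pid, uid, gid) for a connection line, else None."""
    m = CONN_RE.search(line)
    return tuple(int(x) for x in m.groups()) if m else None


def read_cmdline(pid, proc_root="/proc"):
    """Command line of pid from procfs, or None if it has already exited."""
    try:
        with open(f"{proc_root}/{pid}/cmdline", "rb") as fh:
            raw = fh.read()
    except OSError:
        return None
    # Arguments in /proc/<pid>/cmdline are NUL-separated.
    return raw.replace(b"\0", b" ").decode(errors="replace").strip() or None


def tally(lines, resolve=read_cmdline, counts=None):
    """Count connections per (command, uid), resolving each pid as it is seen."""
    counts = Counter() if counts is None else counts
    for line in lines:
        conn = parse_connection(line)
        if conn:
            pid, uid, _gid = conn
            counts[(resolve(pid) or "<unresolved>", uid)] += 1
    return counts


if __name__ == "__main__":
    # Usage (script name is hypothetical): nslcd -d 2>&1 | python3 nslcd_clients.py
    seen = Counter()
    try:
        tally(sys.stdin, counts=seen)
    except KeyboardInterrupt:
        pass  # Ctrl-C stops nslcd -d; still print what was collected
    for (cmd, uid), n in seen.most_common():
        print(f"{n:6d}  uid={uid}  {cmd}")
```

A command that dominates the tally at a steady one-per-minute rate points at a scheduled job rather than the idle shell itself.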