nscd doesn't cache host entries

Bug #613662 reported by Daniel J Blueman
22
This bug affects 2 people
Affects Status Importance Assigned to Milestone
eglibc (Ubuntu)
Fix Released
Medium
Adam Conrad
Declined for Maverick by Sebastien Bacher
Precise
Fix Released
Undecided
Adam Conrad
Quantal
Fix Released
Undecided
Adam Conrad

Bug Description

[Impact / Justification]
For nscd users, the performance difference between a cached DNS lookup and a remote query can be anywhere from milliseconds to whole seconds, depending on the network and random luck. I've already verified here today that the concerns originally raised in the upstream bug have since been fixed, and Debian also dropped this patch a while ago, we just failed to sync with them when they did.

[Test Case]
As stated above, I've already tested that the actual root issue that led to the patch has been resolved, so the only thing to test is that the build binaries no longer have host caching disabled in the default /etc/nscd.conf

[Regression Potential]
Very low to non-existent. It's a single line change to a conffile, reverting a workaround that hasn't been needed in a long while.

[Original Report]
Binary package hint: nscd

Debian (and by implication Ubuntu) are the only distros to disable nscd hosts caching. In most cases, it is deployed with the expectation to mitigate expensive lookups (eg over VPN).

The bug cited [1] has been rejected by the core glibc developers three years ago as not a bug; all other distros (including Redhat EL and Novell SLES) have this functionality enabled. Why should we continue to penalise Ubuntu's performance any longer, in cases where nscd is deployed to improve performance?

[1] http://sourceware.org/bugzilla/show_bug.cgi?id=4428

Revision history for this message
Daniel J Blueman (danielblueman) wrote :
Changed in eglibc (Ubuntu):
status: New → Fix Committed
Revision history for this message
Benjamin Drung (bdrung) wrote :

upstream rejects the bug because "no program should have use gethostbyaddr*", but it's still a bug in every application that uses gethostbyaddr*. How can we make sure that we don't break those apps. How many apps in the archive are using gethostbyaddr*?

Artur Rona (ari-tczew)
Changed in eglibc (Ubuntu):
status: Fix Committed → New
Revision history for this message
Malte S. Stretz (mss) wrote :

The gethostbyaddr* bug might/should (somebody should go and check) be fixed by unscd, a nscd drop-in replacement which was recently packaged for Debian and is available in natty.

Revision history for this message
Scott Moser (smoser) wrote :

The debdiff here looks sane, and acknowledgement that it is carried in RH and SuSE is valuable. (Direct links/pointers to patches there would be nice though).

There was some discussion of it http://irclogs.ubuntu.com/2010/12/14/%23ubuntu-devel.html . Main decision was to let it sit for now.

Changed in eglibc (Ubuntu):
importance: Undecided → Medium
status: New → Triaged
Revision history for this message
Daniel Holbach (dholbach) wrote :

To me it looks like this should be discussed in a broader forum. If we should deviate from Debian on this one we need to dedicate more attention to it than "just have somebody upload it". :)

Was this discussed in some Debian bug report or mailing list already? Can this be brought up on <email address hidden> maybe, so we can find out who would be interested in maintaining this delta or find another way to resolve the issue of old applications still using gethostbyaddr*.

For now I'll unsubscribe the sponsors team as more discussion needs to happen before this can be uploaded.

tags: added: patch
Revision history for this message
Adam Conrad (adconrad) wrote :

Given the discussion in the upstream bug, I see no reason to "fix" this default. People who know what they're doing can change their local nscd.conf, it's a conffile for a reason.

Changed in eglibc (Ubuntu):
status: Triaged → Won't Fix
Revision history for this message
Adam Conrad (adconrad) wrote :

Hrm, actually, looks like Uli went and (potentially) fixed this in a later version after rejecting the bug outright. Fun. Perhaps I'll revert this in my pending 2.17 upload, then.

Changed in eglibc (Ubuntu):
status: Won't Fix → In Progress
Revision history for this message
Adam Conrad (adconrad) wrote :

Alright, I've verified that this seems to DTRT now on current (precise and up, at least) eglibc.

Adam Conrad (adconrad)
description: updated
Adam Conrad (adconrad)
Changed in eglibc (Ubuntu):
status: In Progress → Fix Committed
Adam Conrad (adconrad)
Changed in eglibc (Ubuntu Precise):
assignee: nobody → Adam Conrad (adconrad)
Changed in eglibc (Ubuntu):
assignee: nobody → Adam Conrad (adconrad)
Changed in eglibc (Ubuntu Quantal):
assignee: nobody → Adam Conrad (adconrad)
Revision history for this message
Colin Watson (cjwatson) wrote : Please test proposed package

Hello Daniel, or anyone else affected,

Accepted eglibc into precise-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/eglibc/2.15-0ubuntu10.4 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in eglibc (Ubuntu Precise):
status: New → Fix Committed
tags: added: verification-needed
Changed in eglibc (Ubuntu Quantal):
status: New → Fix Committed
Revision history for this message
Colin Watson (cjwatson) wrote :

Hello Daniel, or anyone else affected,

Accepted eglibc into quantal-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/eglibc/2.15-0ubuntu20.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (7.3 KiB)

This bug was fixed in the package eglibc - 2.17-0ubuntu1

---------------
eglibc (2.17-0ubuntu1) raring; urgency=low

  * Merge with Debian, bringing in a new upstream and many small fixes:
    - patches/any/cvs-malloc-deadlock.diff: Dropped, merged upstream.
    - patches/ubuntu/lddebug-scopes.diff: Rebase for upstream changes.
    - patches/ubuntu/local-CVE-2012-3406.diff: Rebased against upstream.
    - patches/ubuntu/no-asm-mtune-i686.diff: Fixed in recent binutils.
  * This upstream merge fixes a nasty hang in pulseaudio (LP: #1085342)
  * Bump MIN_KERNEL_SUPPORTED to 2.6.32 on ARM, now that we no longer
    have to support shonky 2.6.31 kernels on imx51 babbage builders.
  * Drop patches/ubuntu/local-disable-nscd-host-caching.diff, as these
    issues were apparently resolved upstream a while ago (LP: #613662)
  * Fix the compiled-in bug URL to point to launchpad.net, not Debian.

eglibc (2.17-0experimental0) experimental; urgency=low

  [ Adam Conrad ]
  * New upstream release: version 2.17, orig tarball built at SVN r22169:
    - Restricts ld.so self-loading checks to normal mode (LP: #1088677)
    - debian/rules.d/tarball.mk: ports is no longer external to libc.
    - debian/*: Update all 2.16 occurences to 2.17 for upgrades/deps.
    - patches/localedata/supported.diff: Rebased against new upstream.
    - patches/localedata/locale-ia.diff: Dropped, merged upstream.
    - patches/localedata/submitted-es_MX-decimal_point.diff: Rebased.
    - patches/amd64/local-pthread_cond_wait.diff: Dropped, fixed upstream.
    - patches/i386/local-pthread_cond_wait.diff: Dropped (closes: #694962)
    - patches/arm64/cvs-ldconfig-cache-abi.diff: Dropped, merged upstream.
    - patches/arm64/submitted-aarch64-support.diff: Merged upstream.
    - patches/arm/cvs-ldconfig-cache-abi.diff: Dropped, merged upstream.
    - patches/arm/local-atomic.diff: Dropped, fixed differently upstream.
    - patches/arm/unsubmitted-armhf-linker.diff: Dropped, not needed.
    - patches/arm/unsubmitted-ldconfig-cache-abi.diff: Rewritten slightly.
    - patches/hppa/submitted-nptl-carlos.diff: Rebased against upstream.
    - patches/hppa/local-stack-grows-up.diff: Rebased against upstream.
    - patches/hurd-i386/local-enable-ldconfig.diff: dl-cache.c dropped.
    - patches/hurd-i386/tg-tls.diff: Rebase and drop powerpc support.
    - patches/hurd-i386/tg-regenerate_errno.h.diff: Merged upstream.
    - patches/hurd-i386/tg-extern_inline.diff: Drop powerpc support.
    - patches/hurd-i386/tg-elfosabi_gnu.diff: Drop powerpc support.
    - patches/hurd-i386/tg-grantpt.diff: Rebased against new upstream.
    - patches/hurd-i386/unsubmitted-pthread_posix-option.diff: Rebased.
    - patches/hurd-i386/submitted-getgroups.diff: Dropped, merged upstream.
    - patches/hurd-i386/submitted-getlogin_r.diff: Dropped, fixed upstream.
    - patches/hurd-i386/submitted-ptsname.diff: Dropped, merged upstream.
    - patches/hurd-i386/submitted-sendto.diff: Dropped, fixed upstream.
    - patches/hurd-i386/cvs-add-missing-includes.diff: Merged upstream.
    - patches/hurd-i386/cvs-mach-check-local-headers.sh.diff: Merged.
    - patches/hurd-i386/cvs-lremovexattr.diff: Dropped, merged upstrea...

Read more...

Changed in eglibc (Ubuntu):
status: Fix Committed → Fix Released
Revision history for this message
Daniel J Blueman (watchmaker) wrote :

Superb; both nscd_2.15-0ubuntu10.4_amd64.deb and nscd_2.15-0ubuntu20.1_amd64.deb give the desired behaviour. Great work!

Daniel

tags: added: verification-done
removed: verification-needed
Revision history for this message
Colin Watson (cjwatson) wrote : Update Released

The verification of this Stable Release Update has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regresssions.

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package eglibc - 2.15-0ubuntu10.4

---------------
eglibc (2.15-0ubuntu10.4) precise; urgency=low

  * Add patch ubuntu/local-disable-nscd-netgroup-caching.diff to
    disable netgroup caching in the default config (LP: #1068889)
  * Backport any/cvs-malloc-deadlock.diff from upstream to prevent
    glibc deadlocking in mallock arena retry paths (LP: #1081734)
  * Fix futex issue (BZ #13844), backport from 2.16 (LP: #1091186)
  * Drop patch any/local-disable-nscd-host-caching.diff, as this
    bug was apparently resolved upstream a while ago (LP: #613662)
  * Add patch any/cvs-ld-self-load.diff to restore ld.so's ability
    to load itself, a behaviour accidentally removed (LP: #1088677)
  * Drop dangling libnss_db.so symlink in libc6-dev (LP: #1088773)
 -- Adam Conrad <email address hidden> Sun, 27 Jan 2013 16:46:30 -0700

Changed in eglibc (Ubuntu Precise):
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package eglibc - 2.15-0ubuntu20.1

---------------
eglibc (2.15-0ubuntu20.1) quantal; urgency=low

  * Add patch ubuntu/local-disable-nscd-netgroup-caching.diff to
    disable netgroup caching in the default config (LP: #1068889)
  * Backport any/cvs-malloc-deadlock.diff from upstream to prevent
    glibc deadlocking in mallock arena retry paths (LP: #1081734)
  * Fix futex issue (BZ #13844), backport from 2.16 (LP: #1091186)
  * Drop patch any/local-disable-nscd-host-caching.diff, as this
    bug was apparently resolved upstream a while ago (LP: #613662)
  * Add patch any/cvs-ld-self-load.diff to restore ld.so's ability
    to load itself, a behaviour accidentally removed (LP: #1088677)
  * Drop dangling libnss_db.so symlink in libc6-dev (LP: #1088773)
 -- Adam Conrad <email address hidden> Sun, 27 Jan 2013 16:46:30 -0700

Changed in eglibc (Ubuntu Quantal):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.