https://bugzilla.novell.com/show_bug.cgi?id=242520 ------- Comment #22 from rhafer@novell.com 2007-03-16 09:45 MST ------- I did some more tests by myself now. System was openSUSE 10.3alpha2. nscd was not running. The LDAP Server has 1000 users, primary group of the testuser that 1000 members and the user was a (secondary) member of another group which had 1000 members as well. compat: Binds: 7 Searches: 2030 files ldap: Binds: 6 Searches: 1021 My Fedore Core 6 test machine gave me this results: Binds: 8 Searches: 20 The difference between 10.3 with compat and 10.3 with files ldap is caused by additional getgrgid() calls that nss_compat does (see comment #6). It took me a little longer to find out why 10.3 with "files ldap" does still a 1000 searches more than the FC6 system. But I figured that those queries are done while executing the /etc/profile script. One of the first things that our /etc/profile script does is "/bin/ls -l /proc/$$/exe" during which another getgrgid() call happens. After removing that "/bin/ls -l /proc/$$/exe" command from /etc/profile the results were similar to the result from the FC6 system. When nscd is running the result are of course only true for the first login attempt (and cold nscd caches). Subsequent logins just need some LDAP queries for pam_ldap the getgrgid() results are directly provided by nscd. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.