[Bug 210479] blacklistd(8) and sshd(8) causes login delays and syslog(8) spam

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Thu Jun 23 01:42:52 UTC 2016


https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=210479

--- Comment #4 from Glen Barber <gjb at FreeBSD.org> ---
(In reply to Glen Barber from comment #3)
> (In reply to lidl from comment #2)
> > The debug logging is expected.
> > 
> 
> I think this makes auditdistd(8) unhappy.
> 
> > I'm unclear by your comment about delays - delays due to the error state, or
> > delay due to the extra syslog statements.
> > 
> > In timing of a simple 'ssh hostname df \> /dev/null', I get the same
> > wall-clock time, regardless of blacklistd running on the remote host.
> > (I do see the debug messages in the debug.log on the remote host.)
> > 
> > Can you quantify the delays you're seeing?
> 
> Between head and stable/10, I see an increase in responsiveness.

Sigh.  I meant 'decrease', not 'increase'.  Shame on me for editing the reply
without double-checking the sentence...

>  gjb at nucleus:~ % time ssh ref10-amd64.freebsd.org exit
>  0.010u 0.010s 0:01.14 1.7%      192+148k 4+0io 0pf+0w
> 
>  gjb at nucleus:~ % time ssh ref11-amd64.freebsd.org exit
>  0.020u 0.000s 0:01.55 1.2%      96+74k 4+1io 0pf+0w
> 
> The only "known" difference is the addition of blacklistd(8).
> 
> In either case, I think the debug.log spam is a bit overkill, especially for
> machines without large /var directories (embedded systems, etc.).

-- 
You are receiving this mail because:
You are the assignee for the bug.


More information about the freebsd-bugs mailing list