Operating System - HP-UX
1748204 Members
4037 Online
108759 Solutions
New Discussion

sudo takes 35 seconds to complete login

 
Doug O'Leary
Honored Contributor

sudo takes 35 seconds to complete login

Hi;

 

# time sudo su - prdadm -c "ls -ld /tmp"

[[snip]]

drwxrwxrwt 40 root root 24576 Aug 19 02:21 /tmp

real 0m35.30s
user 0m0.09s
sys 0m0.13s

 

That's a wee bit long.  

 

# swlist -l product Sudo | grep -i sudo
Sudo A.15.00-1.7.4p4.001 Super User Do

 

running on an rx3600 (11.31, obivously).  I was seeing similar things a few weeks back when the client was having DNS issues; however, I'm not seeing the DNS issues yet they're still seeing the 35 seconds sudo runs.

 

I downloaded/ran tusc against it and the errors are in the attached txt file.  There are plenty of no entry errors there, but there are also a ffew address not available and a connection reset:

 

# grep -i err /tmp/tusc.out | grep -i -e eaddr -e econn
recvfrom(8, 0x7fffd730, 1024, 0, 0x7fffc840, 0x7fffc808) .... ERR#227 EADDRNOTAVAIL
recvfrom(8, 0x7fffd730, 1024, 0, 0x7fffc840, 0x7fffc808) .... ERR#227 EADDRNOTAVAIL
recvfrom(8, 0x7fffd730, 1024, 0, 0x7fffc840, 0x7fffc808) .... ERR#227 EADDRNOTAVAIL
recv(7, 0x7ffff3d0, 8, 0) ............................................................. ERR#232 ECONNRESET

 

Can anyone tell me what's going on with this sudo?  What addresses aren't available and/or connection getting reset?  

 

Any hints/tips/suggestions greatly appreciated.


------
Senior UNIX Admin
O'Leary Computers Inc
linkedin: http://www.linkedin.com/dkoleary
Resume: http://www.olearycomputers.com/resume.html
3 REPLIES 3
Dennis Handly
Acclaimed Contributor

Re: sudo takes 35 seconds to complete login

There are tusc options to show times, -D or -T format.  Also, you should use -fp to follow forks and include the PIDs.

Doug O'Leary
Honored Contributor

Re: sudo takes 35 seconds to complete login

Hey;

 

Thanks for the reply.  I finally verified a DNS issue via a different path.  Once the client fixed their DNS, everything's back on track again.  I tried the -T option but it wasn't displaying times.  I just tried the -D option and that displayed the duration times like the usage said.  I'll use that one the next time that happens.

 

Appreciate the response.  

 

Doug O'Leary


------
Senior UNIX Admin
O'Leary Computers Inc
linkedin: http://www.linkedin.com/dkoleary
Resume: http://www.olearycomputers.com/resume.html
Bill Hassell
Honored Contributor

Re: sudo takes 35 seconds to complete login

EADDRNOTAVAIL

 

This means that the resolver (host/IPaddr resolution) has failed. By default, it takes 10 seconds to timeout and pick the next choice, typically in /etc/resolv.conf. If you have 3 DNS nameservers in that file, then it takes 30 seconds to timeout. This is why DNS should not be the first choice in a server. Servers must run, sometimes 242x7 and to depend on some other box to translate host/IP over the network is not high reliability. Change the nsswitch.conf file to use /etc/hosts first, then fallback to DNS. Now you put just the important systems in /etc/hosts, always available.



Bill Hassell, sysadmin