[OpenAFS] Re: unix owner/group of files in AFS

Jeffrey Hutzelman jhutz@cmu.edu
Thu, 29 Mar 2007 23:56:56 -0400

On Thursday, March 29, 2007 09:45:47 AM +0200 FB <fbo2@gmx.net> wrote:

>> Bear in mind that when you do something like 'ls', your NSS module will
>> be called to do an id-to-name lookup for _every file_.
> ls is a bad example because it doesn't ask once per file but once per UID
> (-> coreutils-idcache) ;-) .

All the world is not a VAX^H^H^H^H^HLinux.
Not every ls has that optimization.

>> That can get real
>> slow if you don't cacne results or have to go out and look at a user's
>> home directory, open files, etc for every lookup.  It makes nss_ldap
>> pretty much unbearable without nscd.  Bear in mind that you cannot tell
>> the difference between something like ls that just wants a name, and
>> something that needs some other field or the whole entry.
> I got your point. However - it's working fine here. We've got ~ 150 linux
> PCs here using it without nscd and it was quite an improvement over
> nss-ldap which we used before.

OK; so you haven't yet tried it in an environment where scalability is an 
issue.  I have at least ten times that many clients, and my site is pretty 
small.  Ask the folks at UMich or Morgan Stanley how that would work for 

I'll bet you also haven't tried it with a fileserver down.

-- Jeffrey T. Hutzelman (N3NHS) <jhutz+@cmu.edu>
   Sr. Research Systems Programmer
   School of Computer Science - Research Computing Facility
   Carnegie Mellon University - Pittsburgh, PA