
Re: Sudo delays



Frank wrote:
> Recently I have noticed that calling up a terminal using Sudo from a
> menu, i.e. sudo /usr/bin/rxvt, sometimes results in a 4 to 5 second
> delay before the terminal opens up. At other times it's
> instantaneous.
> It happens whether the command is run from my launcher Wbar, or the
> IceWm menu. Does anyone know what's going on?

It is the fqdn flag which is on by default.  I always turn this off.
Otherwise running sudo commands is serialized behind looking up
hostnames.  Looking up hostnames is an external activity and puts a
dependency upon network connectivity.  It can be slow.

The sudoers man page (man 5 sudoers) says:

       fqdn            Set this flag if you want to put fully qualified host
                       names in the sudoers file.  I.e., instead of myhost you
                       would use myhost.mydomain.edu.  You may still use the
                       short form if you wish (and even mix the two).  Beware
                       that turning on fqdn requires sudo to make DNS lookups
                       which may make sudo unusable if DNS stops working (for
                       example if the machine is not plugged into the
                       network).  Also note that you must use the host's
                       official name as DNS knows it.  That is, you may not
                       use a host alias (CNAME entry) due to performance
                       issues and the fact that there is no way to get all
                       aliases from DNS.  If your machine's host name (as
                       returned by the hostname command) is already fully
                       qualified you shouldn't need to set fqdn.  This flag is
                       on by default.

The best fix depends upon the version of sudo (version of Debian)
available to you.  As of Debian version 1.7.2p1-1 (available in
Squeeze) the default /etc/sudoers file created on installation contains
an "#includedir" directive to load files from /etc/sudoers.d/ but that
is not automatically configured upon an upgrade.  I recommend
configuring it and then using a local unique file there.  It avoids
needing to modify the /etc/sudoers file and therefore allows the
package to automatically upgrade that file with new defaults upon
package upgrades.

In any case to turn off fqdn simply add !fqdn to your sudoers Default
line or add a new line.

  Defaults !fqdn

Bob
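
The drop-in approach recommended above, as an added shell example that is not part of the original message: it stages `Defaults !fqdn` in a sudoers.d directory, syntax-checks it with `visudo -cf`, and only then renames it into place. The file name `local-no-fqdn` and the function names are assumptions made for this example.

```shell
#!/bin/sh
# Added example: install "Defaults !fqdn" as a sudoers.d drop-in.
# DROPIN_NAME is a hypothetical file name chosen for this example.
DROPIN_NAME="local-no-fqdn"

# Return 0 if SUDOERS_FILE loads drop-ins from DIR via "#includedir".
has_includedir() {  # usage: has_includedir SUDOERS_FILE DIR
    grep -Eq "^#includedir[[:space:]]+$2/?[[:space:]]*\$" "$1"
}

# sudo skips drop-in names that contain '.' or end in '~';
# empty names and names with '/' are rejected here as well.
valid_dropin_name() {
    case "$1" in
        ""|*.*|*~|*/*) return 1 ;;
        *) return 0 ;;
    esac
}

# Write the drop-in into DIR: stage, validate, then rename into place.
install_no_fqdn() {  # usage: install_no_fqdn DIR
    dir=$1
    valid_dropin_name "$DROPIN_NAME" || return 1
    # The staging name contains a '.', so sudo ignores it while it exists.
    tmp=$(mktemp "$dir/.stage-XXXXXX") || return 1
    printf 'Defaults !fqdn\n' > "$tmp"
    chmod 0440 "$tmp"
    # Syntax-check before the file goes live; a broken sudoers file
    # can leave sudo unusable.
    if command -v visudo >/dev/null 2>&1; then
        visudo -cf "$tmp" >/dev/null || { rm -f "$tmp"; return 1; }
    else
        echo "visudo not found; skipping syntax check" >&2
    fi
    mv -f "$tmp" "$dir/$DROPIN_NAME"
}
```

Run as root with `install_no_fqdn /etc/sudoers.d`, after `has_includedir /etc/sudoers /etc/sudoers.d` confirms that the directory is actually being read.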
