From 5841b164b2c57e1389b5486be4ccef8eb47f6892 Mon Sep 17 00:00:00 2001 From: Garming Sam Date: Wed, 8 May 2019 12:40:48 +1200 Subject: ldap: Add a database open after fork to speed-up prefork binds Removing this (system) database open from the later auth stack results in a 15-30% improvement in different types of binds and on different hardware (presumably better with slower disk speeds). Signed-off-by: Garming Sam Reviewed-by: Andrew Bartlett --- source4/ldap_server/ldap_server.c | 26 +++++++++++++++++++++++++- source4/ldap_server/ldap_server.h | 2 ++ 2 files changed, 27 insertions(+), 1 deletion(-) diff --git a/source4/ldap_server/ldap_server.c b/source4/ldap_server/ldap_server.c index 783823043dc..b316eb1cc3a 100644 --- a/source4/ldap_server/ldap_server.c +++ b/source4/ldap_server/ldap_server.c @@ -1283,6 +1283,9 @@ static NTSTATUS ldapsrv_task_init(struct task_server *task) /* register the server */ irpc_add_name(task->msg_ctx, "ldap_server"); + + task->private_data = ldap_service; + return NT_STATUS_OK; failed: @@ -1290,6 +1293,27 @@ failed: return status; } +/* + * Open a database to be later used by LDB wrap code (although it should be + * plumbed through correctly eventually). + */ +static void ldapsrv_post_fork(struct task_server *task, struct process_details *pd) +{ + struct ldapsrv_service *ldap_service = + talloc_get_type_abort(task->private_data, struct ldapsrv_service); + + ldap_service->sam_ctx = samdb_connect(ldap_service, + ldap_service->task->event_ctx, + ldap_service->task->lp_ctx, + system_session(ldap_service->task->lp_ctx), + NULL, + 0); + if (ldap_service->sam_ctx == NULL) { + task_server_terminate(task, "Cannot open system session LDB", + true); + return; + } +} NTSTATUS server_service_ldap_init(TALLOC_CTX *ctx) { @@ -1297,7 +1321,7 @@ NTSTATUS server_service_ldap_init(TALLOC_CTX *ctx) .inhibit_fork_on_accept = false, .inhibit_pre_fork = false, .task_init = ldapsrv_task_init, - .post_fork = NULL + .post_fork = ldapsrv_post_fork, }; return register_server_service(ctx, "ldap", &details); } diff --git a/source4/ldap_server/ldap_server.h b/source4/ldap_server/ldap_server.h index d3e31fb1eec..6ad23416b96 100644 --- a/source4/ldap_server/ldap_server.h +++ b/source4/ldap_server/ldap_server.h @@ -100,6 +100,8 @@ struct ldapsrv_service { uint64_t generation; struct tevent_req *retry; } notification; + + struct ldb_context *sam_ctx; }; #include "ldap_server/proto.h" -- cgit v1.2.1