Sven Uhlig wrote: > Bob Proulx wrote: > >> The problem is that "su" takes 25 seconds before it succeeds. > > > > That sounds like a DNS timeout. If you do a dns lookup of your > > systems hostname does it respond? > > # nslookup localhost > Name: localhost > Address: 127.0.0.1 > > # nslookup 127.0.0.1 > 1.0.0.127.in-addr.arpa name = localhost.
Good. > # nslookup baldur > ** server can't find baldur: NXDOMAIN > > # nslookup baldur.asgard > ** server can't find baldur.asgard: NXDOMAIN Unfortunately nslookup only looks at DNS. It is a DNS tool and does not follow /etc/nsswitch.conf for looking at other locations such as the /etc/hosts file. It is the reason I use the libc tool 'getent' to use the libc lookup routine and do whatever is configured. getent baldur.asgard > # ping baldur > PING baldur.asgard (127.0.1.1) 56(84) bytes of data. See that ping does do the lookup and does find the address okay. But although I know that many people use ping for a lookup tool that is really only a side effect of the primary purpose of ping. > > Look in /etc/hosts and look for (at least) these lines: > > # grep 127. /etc/hosts > 127.0.0.1 localhost > 127.0.1.1 baldur.asgard baldur Looks good. > > Because PAM often logs the hostname to the system log and does > > other such DNS lookups. > > Can I disable reverse DNS lookup? The data you provided, that ping showed the lookup okay, says that this isn't the problem. The problem must be something else. Which at least is good to know by itself. But it means you need to keep looking. > >> I can skip the timeout if I do either of these two things: > >> Solution 1) run X server on 10.0.2.2 (Xming) Solution 2) unset > >> $DISPLAY > > > > If you dns lookup 10.0.2.2 does it resolve? Quickly or after a > > longer timeout? > > # nslookup 10.0.2.2 > ** server can't find 2.2.0.10.in-addr.arpa.: NXDOMAIN > > # ping wotan > ping: unknown host wotan At this point I would suggest that you try an experiment and add an entry for 10.0.2.2 in your /etc/hosts file. Does that cause this to speed up? But I see that you are ahead of me and did that experiment already and it did not speed things up. > But as it is a private IP, why should there be a DNS? Wouldnt everyone > have the same problem if they dont set up their own BIND or hosts file? Yes. But most people don't use ssh and terminals these days and those that do know to have their dns set up correctly. This is actually a common problem with 'sudo' unless "!fqdn" is specified in the options. When dns is broken then sudo takes a very long time when "fqdn" is specified. Therefore I always turn that off. That long delay in sudo with dns broken is why I suspected a problem with your 'su' delay and was thinking it might be similar. > I have added the remote hostname to /etc: > # grep wotan /etc/hosts > 10.0.2.2 wotan.asgard wotan > > Of course I only get the following changes: > # ping wotan > PING wotan.asgard (10.0.2.2) 56(84) bytes of data. > > Though no change in the behaviour of "su", still a 25 seconds timeout > before it succeeds. It was a good experiment. I wish it had solved the problem. > In the output of strace I can see that /something/ happens with > libnss, so DNS lookup. But unfortunately I am unable to tell what it > is. But there seems not to be any timeout related to DNS. Another brainstorm idea. Do you have libnss-mdns installed? As an experiment try removing it. I doubt you are using it. You can always install it again. apt-get purge libnss-mdns I will cross my fingers and hope for good luck. > Any use of posting a full strace log? I dont think so. Doubtful. Unless someone in the know about dbus asks for it. You have isolated it to a dbus problem. > > Hopefully someone else will have a better suggestion. > > Thank you anyways. Getting any response is always good, instead of > being ignored completely :) I wish I could be more help. Hopefully someone knowledgeable about dbus will have help with a solution for it. Bob
signature.asc
Description: Digital signature
