Currently, fasClient writes out authorized_keys for every user that can login to a box everytime it's called. On fedorapeople this is a lot of users and seems to be part of why fasClient takes a while to run there. We should try rewriting the code to compare what we would write out with what's currently in the authorized_key file. If they're the same then don't save the data. Then we should benchmark that this makes a difference. It should be faster unless read performance isn't substantially faster than write performance on the box for some reason.
Investigating.
From some benchmarking that i did, just changing the mode "w" to "a+" worths the change.
Even more if most files don't need to be changed.
The patch to do the trick the following:
{{{ --- fasClient 2012-02-02 23:48:43.000000000 +0000 +++ fasClient 2012-03-05 22:32:27.574346921 +0000 @@ -589,8 +589,10 @@ key = self.users[uid]['ssh_key'] if not os.path.exists(ssh_dir): os.makedirs(ssh_dir, mode=0700) - f = codecs.open(key_file, mode='w', encoding='utf-8') - f.write(key + '\n') + f = codecs.open(key_file, mode='a+', encoding='utf-8') + if f.read() != key + '\n': + f.truncate(0) + f.write(key + '\n') f.close() os.chmod(key_file, 0600) #os.path.walk(ssh_dir, _chown, [int(uid), int(uid)])
}}}
ricky reviewed. Looks good!
ctria, I've added you to the gitfas group. So you should be able to commit this in about an hour. I'll be online on and off until next week (at pycon) -- ask around on #fedora-admin if you need help with cloning and pushing etc or try to ping me when I'm on there.
Thanks for sponsorship!
Committed and pushed. I didn't find any branches thus i pushed on master, i hope this doesn't break anything!
Login to comment on this ticket.