[apparmor] [Bug 590113] Re: parser takes very long time to reload profile
Arkadiusz Miśkiewicz
arekm at pld-linux.org
Tue Dec 13 14:35:20 UTC 2011
Made a test on 3.0.13 kernel with apparmor 2.6.1 utilities.
Reloading one profile with 9486 HATs on dual core 3.06GHz intel E6600
(no load) with 4GB of ram takes only... _40 minutes_.
This is more than unusable :-/
Entire policy in txt files in 54MB. There is 1500 exactly the same hats
for example with only hat name being different. This scheme occurs
frequently in my policy, just with smaller values - like tons of 1-20
exactly the same hat-sets.
--
You received this bug notification because you are a member of AppArmor
Developers, which is the registrant for AppArmor.
https://bugs.launchpad.net/bugs/590113
Title:
parser takes very long time to reload profile
Status in AppArmor Linux application security framework:
New
Bug description:
I have a single policy with over 1300 hats. Reloading it takes over 3
min 30 s on 2 x Dual Core Opteron 2GHz, 6GB RAM with apparmor 2.5. The
server is of course doing also other things than reloading policy but
the load isn't anything big (it's like ~2).
Policy attached.
To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/590113/+subscriptions
More information about the AppArmor
mailing list