Solution: slow sudo

I do not know how many people will be effected by this, but I’ll post it anyhow it may help someone.

sudo tries to do a DNS lookup to find an ip address for “starfive” because it is required to do so by the default flags and rules in /etc/sudoers, This is only a problem if there is no DNS available, but there is some form of networking. Eventually after trying to contact all DNS servers these requests will time out.
Because I have my VF2 board in an isolated network with no direct Internet access, I noticed this slowness straight away.

I used “sudo EDITOR=vi visudo” (because I am frustrated by the “nano” editor).
And added the following line to /etc/sudoers at the top of the file:
Defaults !fqdn

The fqdn flag defaults to on, all I am doing is turning it off. On means that every hostname must be looked up in DNS. Which is great if you have a network that never ever fails. But if the network does fail then your attempts to fix problems will be slowed down by not having a working network. I feel that the default for most SBC should be that it is off.

BEFORE change:
user@starfive:~$ time sudo true

real 0m40.171s
user 0m0.044s
sys 0m0.001s

AFTER change:
user@starfive:~$ time sudo true

real 0m0.088s
user 0m0.023s
sys 0m0.011s

A different workaround would be to add the machines hostname to /etc/hosts e.g.
Change “127.0.0.1 localhost” to be “127.0.0.1 localhost starfive”

Either will work.

4 Likes