Troubleshooting Guide › Tuning Performance › System Load on CA Access Control Server Is Too High

System Load on CA Access Control Server Is Too High

Symptom:

I need to reduce system load on the CA Access Control server.

Solution:

To reduce system load, do the following:

• Avoid deep hierarchies in the database.

  Deep hierarchies of users and resources require system loads to obtain and check all dependencies.

• Avoid generic rules for frequently used directories.

  If you define a generic rule for a frequently used directory, CA Access Control checks many system actions. For example, if you write a generic protection rule that protects /usr/lib/*, CA Access Control checks every action in the system.

• (Solaris only) Specify that CA Access Control bypasses file access checks when the file belongs to a process file system (/proc).

  To specify that CA Access Control bypasses file access checks when the file belongs to a process file system, verify that the value of the proc_bypass configuration setting is 1 in the [SEOS_syscall] section of the seos.ini file.

  Note: For more information about seos.ini file tokens, see the Reference Guide.

More information:

SEOS_syscall