Currently, updating any user will invalidate its entry in the user cache. The next time that user attempts to perform an operation, the AuthorizationManager will pull the canonical document from disk, taking a shared lock on the system's user collection. If a long running operation has taken an exclusive lock on the whole system, the AuthorizationManager may block until it finishes. Attempting to run administrative operations such as killOp or currentOp may cause the AuthorizationManager to perform this update.
We should have a mechanism to ensure that at least some users are always held in memory. Authentication or authorization, and by extension running killOp, would never need to block.