On 11/02/2012 10:41 AM, Erinn Looney-Triggs wrote:
On 11/02/12 07:28, Rich Megginson wrote:
On 11/02/2012 09:06 AM, Simo Sorce wrote:
On Fri, 2012-11-02 at 08:38 +0000, Johan Sunnerstig wrote:
Looks a lot like a problem I have as well.
Check out the /proc/xxx/fd directory of the dirsrv process for your
IPA realm, in my case it's full of dead pointers to /var/tmp/ldap_xxx
where xxx will be the same on one IPA server(I have two in a
multi-master setup).
These don't clear out until I restart the dirsrv process, so
eventually they'll fill up to the FD limit. For now I have a cron job
performing a staggered IPA restart on the two servers and a case open
with RH, but I haven't gotten any solution yet.
This is also RHEL 6.3 by the way, though the problem appeared in 6.2
for me.
This looks a memory leak in libkrb5 or dirsrv leaving around so krb
context.

Those files are replay caches.

Rich, can you investigate the use of libkrb5 in dirsrv ?
https://bugzilla.redhat.com/show_bug.cgi?id=825863
Simo.

Oops missed this, though this is a private bug so I will have to take
y'alls word for it being the thing.
Sorry about that. It appears to be a problem with either krb5 or selinux, and there is a proposed fix for RHEL 6.4

I hate private bugs. I am going to open a RH support case, just in case
that helps in any way.
Yes, please.

-Erinn


_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to