Hi Russ, Yes we are running on CentOS 6.4 linux.
No we have not increased both values, they are currently set to 200 by default. We will definitely try increasing these values and see if the problems are resolved. Is there a risk this will keep filling up even with a substantial increase, assuming this is the issue? Thanks, Shane On Mon, Apr 29, 2013 at 1:22 PM, Russ Allbery <[email protected]> wrote: > Shane Warner <[email protected]> writes: > > > We are having some strange issues with tokens on our openafs 1.6.2 > > environment. > > > There are 3 scenarios that randomly appear on our clients running apache > > with mod_waklog: > > 1) Tokens become invalid and an rxkad error=19270408 appears in dmesg. > This > > is the least prevalent issue, and has only happened a couple of times. > > 2) Permission denied errors are seen intermittently while accessing > files. > > Some file accesses are successful, some fail. No errors in logs on this > one. > > 3) There is no intermittent behavior, just a solid permission denied even > > though it would appear that a token has been obtained. Restarting the > > openafs-client/httpd resolves it for about a minute before the permission > > denied brick wall comes back. No errors in logs on this one. > > > Only rebooting the entire system resolves the issues for all of the above > > situations. Situations 2 and 3 are by far the most common and occur every > > 3-7 days on clients. > > I assume this is Linux. Have you increased: > > /proc/sys/kernel/keys/maxkeys > /proc/sys/kernel/keys/root_maxkeys > > on your systems? mod_waklog can generate a lot of PAGs, which means that > you can run out of kernel keyrings, and that will prevent credentials from > being stored. > > -- > Russ Allbery ([email protected]) <http://www.eyrie.org/~eagle/> > _______________________________________________ > OpenAFS-info mailing list > [email protected] > https://lists.openafs.org/mailman/listinfo/openafs-info >
