Launchpad has imported 7 comments from the remote bug at https://bugzilla.novell.com/show_bug.cgi?id=620066.
If you reply to an imported comment from within Launchpad, your comment will be sent to the remote bug automatically. Read more about Launchpad's inter-bugtracker facilities at https://help.launchpad.net/InterBugTracking. ------------------------------------------------------------------------ On 2010-07-06T12:05:34+00:00 Mika Fischer wrote: User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.6) Gecko/20100628 Ubuntu/10.04 (lucid) Firefox/3.6.6 SSH by default deletes Kerberos credentials when a user logs out. If the user left a program running (for instance via screen), and if Kerberos credentials are needed to access the home directories (kerberized NFS), rpc.gssd will fail to obtain Kerberos credentials. The problem is that it generates excessive amounts of warnings in the syslog to this effect (about 1100 wrnings per second), which then quickly fill up the hard drive. Reproducible: Always Steps to Reproduce: 1. Log in (via SSH) to host that mounts home directory via kerberized NFS 2. Start screen with some process accessing the home dir inside 3. Detach screen 4. Close SSH session 5. Wait for rpc.gssd credentials cache to expire Actual Results: When the process still running on the target host tries to access the home directory, rpc.gssd will try and fail to obtain kerberos credentials for the user. It will then spam the syslog with the following warning ---- <date> <hostname> rpc.gssd[<pid>]: WARNING: Failed to create krb5 context for user with uid <uid> for server <other hostname> ---- This is repeated ad infinitum until the offending process is killed manually. The logfile otherwise quickly fills up the partition. Expected Results: Maybe one warning or no warning at all should be emitted (the latter is the case for *expired* credentials). See also https://bugs.launchpad.net/ubuntu/+source/nfs-utils/+bug/293705 for the case of expired credentials. A fix fo this should probably also be coordinated with upstream. Reply at: https://bugs.launchpad.net/ubuntu/+source/nfs- utils/+bug/293705/comments/25 ------------------------------------------------------------------------ On 2010-07-29T06:45:48+00:00 Sjayaraman wrote: Thanks for the bug report. This issue has been already fixed in upstream. I have built an updated package including the fix and made it available here: http://www.suse.com/~sjayaraman/test-pkgs/nfs-utils/ (syncing could take a few hours) You would need to update your nfs-kernel-server package from the above location. Please report back if this fixes the issue for you. Reply at: https://bugs.launchpad.net/ubuntu/+source/nfs- utils/+bug/293705/comments/26 ------------------------------------------------------------------------ On 2010-07-30T06:02:42+00:00 Sjayaraman wrote: Created an attachment (id=379436) Upstream patch Attaching the upstream patch that fixes the problem for completeness. Reply at: https://bugs.launchpad.net/ubuntu/+source/nfs- utils/+bug/293705/comments/27 ------------------------------------------------------------------------ On 2010-08-03T15:45:37+00:00 Mika Fischer wrote: After testing the packages I can confirm that they fix the problem for us. Do you recommend that we deploy them on all our 11.2 hosts or should we wait for an official update? Also, this probably should be fixed in 11.3. However there we have a similar but slightly different behaviour. The error message does not come from rpc.gssd but from the kernel itself. It is however caused by the same circumstances and also spams the log so quickly that there's a good chance of filling up the /var partition. The error message in this case is (on the NFS client): kernel: [1301515.320931] Error: state manager failed on NFSv4 server <NFS server hostname> with error 13 Error 13 probably means NFSERR_ACCES. Which probably means that the process does not have permissions to access the file because the Credentials Cache was removed when the user logged out. Do you want me to open a separate bug report for this? Reply at: https://bugs.launchpad.net/ubuntu/+source/nfs- utils/+bug/293705/comments/28 ------------------------------------------------------------------------ On 2010-08-03T15:57:28+00:00 Sjayaraman wrote: (In reply to comment #4) > After testing the packages I can confirm that they fix the problem for us. Thanks for confirming. > Do you recommend that we deploy them on all our 11.2 hosts or should we wait > for an official update? You should wait for an official update. > Also, this probably should be fixed in 11.3. However there we have a similar > but slightly different behaviour. The error message does not come from > rpc.gssd > but from the kernel itself. It is however caused by the same circumstances and > also spams the log so quickly that there's a good chance of filling up the > /var > partition. > > > Do you want me to open a separate bug report for this? Yes, it sounds different from this one. Please open a separate bugzilla for that issue. Reply at: https://bugs.launchpad.net/ubuntu/+source/nfs- utils/+bug/293705/comments/29 ------------------------------------------------------------------------ On 2010-08-11T06:22:43+00:00 Nfbrown wrote: I have submitted an update for 11.2 containing this patch, but I'm not confident that an update will be released in any great hurry. This bug is fixed in 11.3, It might be appropriate to upgrade to 11.3, or just get the nfs-utils package from there. The update request id is 45345 Reply at: https://bugs.launchpad.net/ubuntu/+source/nfs- utils/+bug/293705/comments/30 ------------------------------------------------------------------------ On 2011-07-04T07:51:14+00:00 Joschibrauchle wrote: Hello everyone, as Mika Fischer described, this bug exists also in OpenSUSE 11.3/11.4, except that the error message is: -------- kernel: [<timestamp>] Error: state manager failed on NFSv4 server <IP_of_nfs_server> with error 13 -------- Otherwise, the description is still exactly valid: - SSH login - start user job, which accesses kerberized nfs user home - SSH logout - Kerberos cache expires - /var/log/messages is spammed with ~1000 errors PER SECOND! - /var partition out of space! So, I could not find the corresponding bug report for 11.3/11.4. Is there one yet? Reply at: https://bugs.launchpad.net/ubuntu/+source/nfs- utils/+bug/293705/comments/31 ** Changed in: nfs-utils (openSUSE) Status: Unknown => Fix Released ** Changed in: nfs-utils (openSUSE) Importance: Unknown => Medium -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/293705 Title: expired kerberos credentials cause significant syslog spam To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nfs-utils/+bug/293705/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
