Use and development of the Network File System (NFS) components of Linux ()

Neil Brown | 1 May 2008 01:29

X-Face

Picon

Re: reconnect_path() breaks NFS server causing occasional EACCES

On Tuesday April 29, bfields@... wrote:
> 
> Just to make sure I understand--you're not claiming that there's an
> actual threat of corrupting the on-disk filesystem or in-core data
> structures, right? 

Correct.  I'm not claiming that.

NeilBrown
--
To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
the body of a message to majordomo@...
More majordomo info at  http://vger.kernel.org/majordomo-info.html

mike | 1 May 2008 07:36

Picon

[NFS] Back to basics - still having NFS issues

I've switched up my setup now, thinking this would "mature" it more.
Everything is gigabit ethernet.

Server:
FreeBSD 7.0, quad-core xeon 3220, 2GB RAM, 4x750 hardware RAID10
Adaptec 3405 (so ~ 1.5TB usable)

42 processes:  1 running, 41 sleeping
CPU states:  0.0% user,  0.0% nice,  0.5% system,  0.0% interrupt, 99.5% idle
Mem: 15M Active, 1581M Inact, 325M Wired, 48M Cache, 214M Buf, 9232K Free
Swap: 2048M Total, 20K Used, 2048M Free

/etc/rc.conf:
nfs_server_flags="-u -t -n 16"

/etc/exports:
/home -maproot=root -network 10.13.5.0 -mask 255.255.255.0

Clients (3 moderate usage, 2 minimal usage):
Linux 2.6.24-16-server, quad-core xeon 3220, 4GB RAM, single SATA2
250G disk (barely used)

/etc/fstab:
raid01:/home    /home           nfs
rsize=8192,rsize=8192,tcp,rw,acregmin=30

I stuck with the 8k since it seems like FreeBSD (from what I read)
recommended it. It seems damn near rock solid but one machine
consistently flakes out (and is identical in every way - hardware,
fstab, nfs-common parameters, etc) to two other nodes that don't show

(Continue reading)

Janne Karhunen | 1 May 2008 14:57

Picon

Re: [patch] fix statd -n

On Tue, Apr 29, 2008 at 12:16 PM, J. Bruce Fields <bfields@...> wrote:

>  > Do we really have to add so many lines of the code just to fix "statd
>  > -n"

Which is why I offered the small patch initially; it was
mentioned that intrusiveness does not matter if it
can be kept in userspace.

> >  ? Maybe we should go back to the basics by understanding the
>  > requirement of this command ? So why do we need it (i.e. what kind of
>  > bad things we'll see if we don't fix this) ? Some short description
>  > would help.
>
>  I recall two reasons for -n given in this thread; I think one was just
>  security (maybe you don't want statd listening on some ports, for
>  whatever reason.  The other was a code comment quoted here:

That being one..

>         http://marc.info/?l=linux-nfs&m=120854237320424&w=2
>
>
>         "This is required to support clients that ignore the mon_name in
>         the statd protocol but use the source address from the request
>         packet."

This another, and the third the fact that this way mon_name
stays the same on server failover to node that has different
name. It identifies the server instance..

(Continue reading)

Janne Karhunen | 1 May 2008 15:28

Picon

Re: [patch] fix statd -n

Hi,

So effectively, it makes me sleep better. With it:
- I can rely on clients identifying the server correctly,
- I'm not exposing out anything that is not needed,
- Can tell by the address what this traffic is,
- Can be sure that packets are sent out via right interface

It might be even better if it would exit if -n is used when
no such interface is actually available. As I did it, it still
gambles here just as before.

--

-- 
// Janne

On Thu, May 1, 2008 at 8:57 AM, Janne Karhunen
<janne.karhunen@...> wrote:
> On Tue, Apr 29, 2008 at 12:16 PM, J. Bruce Fields <bfields@...> wrote:
>
>  >  > Do we really have to add so many lines of the code just to fix "statd
>  >  > -n"
>
>  Which is why I offered the small patch initially; it was
>  mentioned that intrusiveness does not matter if it
>  can be kept in userspace.
>
>
>
>  > >  ? Maybe we should go back to the basics by understanding the
>  >  > requirement of this command ? So why do we need it (i.e. what kind of

(Continue reading)

Kevin Coffman | 1 May 2008 15:34

Picon

[PATCH 0/4] nfs-utils gssd

Hi Steve,
These have all been sent before, with various levels of formality,
but haven't made it into git yet.

1) adds code to gssd to read a possible alternate port number
from the info file.

2) adds the "other" DES encryption types to the default list that
can currently be negotiated.

3) adds a utility function to retrieve the current logging
verbosity.  (Used by the fourth patch to determine whether
it should print certain error messages.)

4) allows the administrator to specify multiple directories
where gssd can look for credentials caches.

--
To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
the body of a message to majordomo@...
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Kevin Coffman | 1 May 2008 15:35

Picon

[PATCH 1/4] gssd: read port number from info file if supplied

From: Olga Kornievskaia <aglo@...>

Check the info file information to see if a port number is supplied.
If so, use it rather than the standard port number.

Signed-off-by: Olga Kornievskaia <aglo@...>
Signed-off-by: Kevin Coffman <kwc@...>
---

 utils/gssd/gssd.h      |    1 +
 utils/gssd/gssd_proc.c |   14 ++++++++++++--
 2 files changed, 13 insertions(+), 2 deletions(-)

diff --git a/utils/gssd/gssd.h b/utils/gssd/gssd.h
index e17edde..6f14c34 100644
--- a/utils/gssd/gssd.h
+++ b/utils/gssd/gssd.h
 <at>  <at>  -80,6 +80,7  <at>  <at>  struct clnt_info {
 	int			krb5_poll_index;
 	int			spkm3_fd;
 	int			spkm3_poll_index;
+	int			port;
 };

 void init_client_list(void);
diff --git a/utils/gssd/gssd_proc.c b/utils/gssd/gssd_proc.c
index 6860cc8..bac7295 100644
--- a/utils/gssd/gssd_proc.c
+++ b/utils/gssd/gssd_proc.c
 <at>  <at>  -102,7 +102,7  <at>  <at>  int pollsize;  /* the size of pollaray (in pollfd's) */

(Continue reading)

Kevin Coffman | 1 May 2008 15:35

Picon

[PATCH 3/4] gssd: add a function to retrieve the current verbosity level

Add a new function to retrieve the current verbosity level
so that some messages that would otherwise always print may
be silenced.

Signed-off-by: Kevin Coffman <kwc@...>
---

 utils/gssd/err_util.c |    5 +++++
 utils/gssd/err_util.h |    1 +
 2 files changed, 6 insertions(+), 0 deletions(-)

diff --git a/utils/gssd/err_util.c b/utils/gssd/err_util.c
index 5644db6..2583e06 100644
--- a/utils/gssd/err_util.c
+++ b/utils/gssd/err_util.c
 <at>  <at>  -60,3 +60,8  <at>  <at>  void printerr(int priority, char *format, ...)
 		xlog_backend(L_ERROR, format, args);
 	va_end(args);
 }
+
+int get_verbosity(void)
+{
+	return verbosity;
+}
diff --git a/utils/gssd/err_util.h b/utils/gssd/err_util.h
index 5e5af48..c4df32d 100644
--- a/utils/gssd/err_util.h
+++ b/utils/gssd/err_util.h
 <at>  <at>  -33,5 +33,6  <at>  <at>

(Continue reading)

Kevin Coffman | 1 May 2008 15:35

Picon

[PATCH 2/4] gssd: add other des encryption types to default list

Add the other two DES encryption types to the default list of
Kerberos encryption types that may be negotiated.

Signed-off-by: Kevin Coffman <kwc@...>
---

 utils/gssd/krb5_util.c |    4 +++-
 1 files changed, 3 insertions(+), 1 deletions(-)

diff --git a/utils/gssd/krb5_util.c b/utils/gssd/krb5_util.c
index 3cf27ca..0589cd8 100644
--- a/utils/gssd/krb5_util.c
+++ b/utils/gssd/krb5_util.c
 <at>  <at>  -277,7 +277,9  <at>  <at>  limit_krb5_enctypes(struct rpc_gss_sec *sec, uid_t uid)
 	u_int maj_stat, min_stat;
 	gss_cred_id_t credh;
 	gss_OID_set_desc  desired_mechs;
-	krb5_enctype enctypes[] = { ENCTYPE_DES_CBC_CRC };
+	krb5_enctype enctypes[] = { ENCTYPE_DES_CBC_CRC,
+				    ENCTYPE_DES_CBC_MD5,
+				    ENCTYPE_DES_CBC_MD4 };
 	int num_enctypes = sizeof(enctypes) / sizeof(enctypes[0]);

 	/* We only care about getting a krb5 cred */

--
To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
the body of a message to majordomo@...
More majordomo info at  http://vger.kernel.org/majordomo-info.html

(Continue reading)

Kevin Coffman | 1 May 2008 15:35

Picon

[PATCH 4/4] gssd: search multiple directories for Kerberos credentials

From: Vince Busam <vbusam@...>

Kerberos credentials may be stored in multiple places.  Make it
possible to search several directories for valid credentials when
making NFS requests.

Original patch from Vince Busam <vbusam@...>, modified by
Kevin Coffman <kwc@...>.

Signed-off-by: Vince Busam <vbusam@...>
Signed-off-by: Kevin Coffman <kwc@...>
---

 utils/gssd/gssd.c      |   10 ++++++++++
 utils/gssd/gssd.h      |    3 ++-
 utils/gssd/gssd.man    |    6 +++++-
 utils/gssd/gssd_proc.c |   11 ++++++++---
 utils/gssd/krb5_util.c |   30 ++++++++++++++++--------------
 utils/gssd/krb5_util.h |    3 ++-
 6 files changed, 43 insertions(+), 20 deletions(-)

diff --git a/utils/gssd/gssd.c b/utils/gssd/gssd.c
index bbcad20..e8612a5 100644
--- a/utils/gssd/gssd.c
+++ b/utils/gssd/gssd.c
 <at>  <at>  -57,6 +57,7  <at>  <at>  char pipefs_dir[PATH_MAX] = GSSD_PIPEFS_DIR;
 char pipefs_nfsdir[PATH_MAX] = GSSD_PIPEFS_DIR;
 char keytabfile[PATH_MAX] = GSSD_DEFAULT_KEYTAB_FILE;
 char ccachedir[PATH_MAX] = GSSD_DEFAULT_CRED_DIR;
+char *ccachesearch[GSSD_MAX_CCACHE_SEARCH + 1];

(Continue reading)

Wendy Cheng | 1 May 2008 15:50

Picon

Re: [patch] fix statd -n

Janne Karhunen wrote:
> Hi,
>
> So effectively, it makes me sleep better. With it:
> - I can rely on clients identifying the server correctly,
> - I'm not exposing out anything that is not needed,
> - Can tell by the address what this traffic is,
> - Can be sure that packets are sent out via right interface
>
> It might be even better if it would exit if -n is used when
> no such interface is actually available. As I did it, it still
> gambles here just as before.
>
>
>   
Yep, understood. Linux NFS server failover was one of my painful 
projects (actually it was "the" one - so much work and so little result).

But the flow you proposed confuses me. Reading the code right now (to 
refresh my memory).. Will get back to the list soon.

-- Wendy
--
To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
the body of a message to majordomo@...
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Group

gmane.linux.nfs.

Advertisement

Project Web Page

Use and development of the Network File System (NFS) components of Linux ()

Search Archive

Page

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 48

Articles in period: 470

May 2008

Language

Change language

Options

Current view: Threads only / Showing only 20 lines / Not hiding cited text.
Change to All messages, whole messages, or hide cited text.

Post a message
NNTP Newsgroup
Classic Gmane web interface
XML

XML

RSS Feed
List Information

About Gmane

Recent entries

Issues using new idmapper in large sites (19 Jun 2013)
[PATCH] NFSv4: SETCLIENTID add the format string for the NETID (18 Jun 2013)
big send queues on NFS server (18 Jun 2013)
NFSERR_STALE on umount with 3.10.0.RC5 kernel (18 Jun 2013)
[PATCH] rpc_pipefs: only set rpc_dentry_ops if d_op isn't already set (18 Jun 2013)
BUG: path_init is called, when current->fs is already NULL (18 Jun 2013)
Problems in idmapd.conf.5 (18 Jun 2013)
Can't mount NFSv4 with kerberos on Debian Wheezy (17 Jun 2013)
Can't mount NFSv4 with kerberos on Debian Wheezy (17 Jun 2013)
Can't mount NFSv4 with kerberos on Debian Wheezy (15 Jun 2013)
Can't mount NFSv4 with kerberos on Debian Wheezy (14 Jun 2013)
corruption due to loss of lock (13 Jun 2013)
[PATCH 0/5] Fix assorted races in the sunrpc cache. (13 Jun 2013)
sunrpc/cache.c: races while updating cache entries (13 Jun 2013)
Linux NFS town hall meeting 06/12/13 (Cancelled) (12 Jun 2013)
why does nfsd write not use splice (12 Jun 2013)
Some pynfs updates (11 Jun 2013)
[PATCH v2 0/4] SUNRPC: PipeFS races fixes (11 Jun 2013)
[PATCH]: gssd: Fix preferred_realm option handling (11 Jun 2013)
[PATCH 0/3] SUNRPC: PipeFS races fixes (10 Jun 2013)
caching issue with nocto (10 Jun 2013)

Archives

157	June 2013
409	May 2013
446	April 2013
426	March 2013
427	February 2013
443	January 2013
263	December 2012
468	November 2012
578	October 2012
350	September 2012
536	August 2012
402	July 2012
363	June 2012
819	May 2012
729	April 2012
871	March 2012
657	February 2012
543	January 2012
518	December 2011
625	November 2011
408	October 2011
596	September 2011
537	August 2011
659	July 2011
828	June 2011
757	May 2011
410	April 2011
631	March 2011
529	February 2011
557	January 2011
703	December 2010
526	November 2010
704	October 2010
894	September 2010
691	August 2010
526	July 2010
680	June 2010
623	May 2010
508	April 2010
392	March 2010
351	February 2010
493	January 2010
370	December 2009
328	November 2009
274	October 2009
439	September 2009
655	August 2009
242	July 2009
716	June 2009
484	May 2009
866	April 2009
868	March 2009
262	February 2009
497	January 2009
494	December 2008
542	November 2008
470	October 2008
448	September 2008
445	August 2008
345	July 2008
650	June 2008
470	May 2008
541	April 2008
356	March 2008
483	February 2008
781	January 2008
382	December 2007
571	November 2007
551	October 2007
594	September 2007
610	August 2007
454	July 2007
234	June 2007
442	May 2007
395	April 2007
429	March 2007
246	February 2007
223	January 2007
251	December 2006
319	November 2006
274	October 2006
180	September 2006
292	August 2006
350	July 2006
227	June 2006
154	May 2006
173	April 2006
175	March 2006
149	February 2006
151	January 2006
175	December 2005
146	November 2005
176	October 2005
108	September 2005
77	August 2005
202	July 2005
179	June 2005
127	May 2005
151	April 2005
392	March 2005
213	February 2005
194	January 2005
194	December 2004
166	November 2004
176	October 2004
237	September 2004
244	August 2004
105	July 2004
136	June 2004
215	May 2004
180	April 2004
191	March 2004
231	February 2004
118	January 2004
109	December 2003
124	November 2003
133	October 2003
229	September 2003
175	August 2003
177	July 2003
214	June 2003
228	May 2003
150	April 2003
128	March 2003
146	February 2003
207	January 2003
108	December 2002
198	November 2002
367	October 2002
255	September 2002
303	August 2002
150	July 2002
93	June 2002
163	May 2002
192	April 2002
96	March 2002
2	December 1999

Design

Zawodny | Right Menu | Left Menu

Your Own Design

Paste the URL of your CSS below. Download CSS template