On Fri, Mar 05, 2021 at 09:07:43AM -0500, Jonathan Billings wrote: > Hello, > > Our university uses the Crowdstrike endpoint security tool, and we use > OpenAFS for both our user's home directory as well as serving software to > our students, faculty and researchers. Is anyone else using Crowdstrike > and OpenAFS on Linux (specifically, RHEL7)? > > I've discovered that the Crowdstrike service (falcon-sensor) installs a > linux security module which seems to interact with the OpenAFS kernel > module in a bad way, causing the kernel to panic and reboot. After > installing the kdump service, I'm able to capture a kernel dump and > backtrace, and it is definitely something to do with how OpenAFS and the > falcon lsm interact. I wasn't able to trigger it with just command-line > ssh but a graphical login seems to be a reliable trigger. Specifically, it > seems to be in the cache handling when it panics. > > Has anyone else experienced this?
I don't use Crowdstrike so haven't seen it, but can you post the backtrace? Thanks, Ben _______________________________________________ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info