Re: Who is responsible for Heimdal/Kerberos in FreeBSD
On 02/08/12 16:04, Chris Nehren wrote: Rather than sending repeated mails to the list (which you've already seen get dropped on the floor), consider using the proper channels for reporting bugs. Send a PR. See http://www.freebsd.org/send-pr.html for more information. Unfortunately I have to disagree with you. I have come across 3 NFS related PR's so far, I manually patching my system with them against STABLE. Let's see them: http://www.freebsd.org/cgi/query-pr.cgi?pr=147998 - patch provided by the reporter, no resolution after 2 years. http://www.freebsd.org/cgi/query-pr.cgi?pr=162009 - patch provided by the reporter, no resolution after 9 month http://www.freebsd.org/cgi/query-pr.cgi?pr=164933 - I reported with a patch, no resolution after 6 month Certainly I can report another PR with the problems I spotted and wait 2 years before I get an answer, but I don't call that problem solving. Or can you please explain what do you mean by "proper channel"? I can understand, that's pretty annoying (from my point SAD) that someone is sending problems to the mailing list and gets no hints. However I think, it's more sad, that the freebsd developer community is just ignoring the patches they are sent and doesn't considers quality assurance. Thanks, Attila ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
Re: Who is responsible for Heimdal/Kerberos in FreeBSD
Hi Rick, On 03/08/12 00:30, Rick Macklem wrote: If you have the time/expertise to come up with good patches for the code and are willing to donate these to the project, I'd suggest you either post the patches or attach them to a bug report. Please remember that almost all work on FreeBSD is done by volunteers in their spare time, rick. I reported PR164933 early this year with a patch, but unfortunately no one responded. I've attached the patch against 9-STABLE now. Please review. I found also other problems with NFS reliability (can reproduce consistently) - will discuss tomorrow on freebsd-fs. Cheers, Attila PS: Sorry about the language (ESL) of my letter, I'd like to contribute if I can. --- usr.sbin/mountd/mountd.c.orig 2011-09-23 01:51:37.0 +0100 +++ usr.sbin/mountd/mountd.c 2012-07-03 14:51:12.0 +0100 @@ -1334,6 +1334,7 @@ struct xucred anon; char *cp, *endcp, *dirp, *hst, *usr, *dom, savedc; int len, has_host, exflags, got_nondir, dirplen, netgrp; + int xx_numsecflavors, xx_secflavors[MAXSECFLAVORS]; v4root_phase = 0; dirhead = (struct dirlist *)NULL; @@ -1355,6 +1356,7 @@ opt_flags = 0; ep = (struct exportlist *)NULL; dirp = NULL; + xx_numsecflavors = 0; /* * Handle the V4 root dir. @@ -1463,10 +1465,15 @@ "making new ep fs=0x%x,0x%x", fsb.f_fsid.val[0], fsb.f_fsid.val[1]); - } else if (debug) + } else { + if (debug) warnx("found ep fs=0x%x,0x%x", fsb.f_fsid.val[0], fsb.f_fsid.val[1]); + xx_numsecflavors = ep->ex_numsecflavors; +bcopy(ep->ex_secflavors, &xx_secflavors, sizeof(int)*xx_numsecflavors); + } + } /* @@ -1593,6 +1600,17 @@ } /* + * Merge security flavours + */ + int ci, cj; + for(ci=0; ciex_numsecflavors && xx_secflavors[ci]!=ep->ex_secflavors[cj];cj++); + if (cj==ep->ex_numsecflavors) { +ep->ex_secflavors[ep->ex_numsecflavors++] = xx_secflavors[ci]; + } + } + + /* * Success. Update the data structures. */ if (has_host) { ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
Who is responsible for Heimdal/Kerberos in FreeBSD
Hello, I'm repeating my last month request. Who is responsible for Heimdal/Kerberos or GSSAPI/NFS in FreeBSD? I got a working NFSv3/Kerberos over UDP for EL6 nfs clients, but suddenly I'm experiencing NFS I/O errors on high load/small files, which I think are due to the buggy/old heimdal in FreeBSD. NFS+Kerberos with EL6 over TCP is broken anyway. Attila ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
Re: new Heimdal version, was NFSv3 + krb5 mysteries - need help tracking down
Hi Rick, On 30/06/12 00:48, Rick Macklem wrote: Maybe the person working on the newer Heimdal can comment? (I've changed the subject line so they might notice.) Can you give me a contact? He/she might not have noticed your subject change. Thanks, Attila ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
NFSv3 + krb5 mysteries - need help tracking down
Hi, I have a FreeBSD 9-STABLE acting as a kerberized NFSv3 server. server# ktutil list FILE:/etc/krb5.keytab: Vno Type Principal 5 aes256-cts-hmac-sha1-96 nfs/server.linguamatics@linguamatics.com 5 des3-cbc-sha1 nfs/server.linguamatics@linguamatics.com 5 arcfour-hmac-md5 nfs/server.linguamatics@linguamatics.com ntp in sync everywhere The network is a lagg device composed of two bce interfaces (an add-in card). -- 8< [nfstest.sh] -- #!/bin/bash i=0 fail=0 while [ $i -lt 100 ] do i=$[i+1] echo "RUN: $i" umount -f /mnt sleep 1 mount -v -o sec=krb5i,vers=3,proto=tcp server:/export/share /mnt || fail =$[fail+1] done echo "$fail times failed" -- 8< -- centos62# ./nfstest.sh 54 times failed ubuntu1204# ./nfstest.sh 98 times failed ubuntu1104# ./nfstest.sh 0 times failed centos58# ./nfstest.sh 0 times failed I started rpc.gssd -v on all linux clients. The clients which did not fail are using gssapi v1 with DES. Jun 29 18:17:41 centos58 rpc.gssd[1452]: prepare_krb5_rfc1964_buffer: serializing keys with enctype 4 and length 8 Jun 29 18:04:36 ubuntu1104 rpc.gssd[911]: prepare_krb5_rfc1964_buffer: serializing keys with enctype 4 and length 8 The failing clients are using the newer gssapi v2 with AES256. Jun 29 17:59:37 ubuntu1204 rpc.gssd[756]: prepare_krb5_rfc4121_buffer: serializing key with enctype 18 and size 32 Jun 29 17:55:48 centos62 rpc.gssd[1183]: prepare_krb5_rfc4121_buffer: serializing key with enctype 18 and size 32 Note the different RFC being used. This is just a suspicion, this may not be realted to the problem. The cipher being used is different too. Then I changed my script to proto=udp. from ubuntu1104 fails 0 times. from centos62 fails 0 times. On centos58 and ubuntu1204 mount locks up all the time. Then I added to krb5.conf [libdefaults] default_tgs_enctypes = dec-cbc-crc and rebooted both centos58 and ubuntu1204. After rebooting centos56 and ubuntu1204: nfstest fails 0 times on centos58 with udp I get very long response times for ubuntu1204 mounts and always a permission denied. This is a mystery. I have not tested NFSv4 yet. I need some help to track down this problem. Attila PS: This may be the same problem as this thread: http://lists.freebsd.org/pipermail/freebsd-stable/2012-June/068619.html ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
Re: How to set tape parameters on freebsd?
Hi Trond, On 25/03/11 15:28, Trond Endrestøl wrote: Have you tried using /dev/sa0.ctl? E.g.: mt -f /dev/sa0.ctl comp off Thanks for your answer! I can confirm, that mt -f /dev/sa0.ctl comp off just works without the tape cartdridge loaded. I'm currently using the same approach that you use (mt before amdump), though setting it up only once at boot looks me a cleaner solution (unless the drive resets for some reason (electrocity or sas cable) stuff). Thanks, Attila ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
How to set tape parameters on freebsd?
Dear FreeBSD list, I'm currently using FreeBSD on my backup server (w/ Amanda). I'm wondering if exists out there a utility for setting tape parameters (during boot). Linux had /sbin/stinit and /etc/stinit.def. Is there something similar for FreeBSD? Another problem I'm experiencing is: During power cycling, the controller resets the tape drives the drives eject the tape. If I use 'mt -f /dev/nsa0 comp off' in a boot script it fails with an error tape drive not configured. Is there a pretty solution for this or you just put mt into a loop until it succeeds? Is there a way pushing compression and block size parameters to the sa driver? I've already RTFM sa(8) and checked sysctl settings and I couldn't find the answer. Thanks for your constructive comments in advance, Attila ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"