Excellent, thanks Matt. I'll get the SRU process rolling on this and see
if we can get this into the the distro.
Thanks again,
Adam
** Changed in: linux (Ubuntu Precise)
Assignee: Chris J Arges (christopherarges) = Adam Stokes (adam-stokes)
** Changed in: linux (Ubuntu Precise)
** Attachment added: nfs-utils_1.2.6-3ubuntu2.1.quantal.debiff
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/794112/+attachment/3312962/+files/nfs-utils_1.2.6-3ubuntu2.1.quantal.debiff
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed
** Patch added: nfs-utils_1.2.5-3ubuntu3.1.precise.debdiff
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/794112/+attachment/3312996/+files/nfs-utils_1.2.5-3ubuntu3.1.precise.debdiff
** Patch removed: nfs-utils_1.2.5-3ubuntu4.debdiff
Matthew,
Just to verify you are running a precise kernel and not the one patched
from #15?
Thanks
Adam
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/794112
Title:
Kerberos + LDAP + NFSv4 on Natty
Hi Adam,
Yes - we are running the unpatched precise kernel. I don't remember the
version when I first started testing with my nfs-utils patch, but we're
currently running linux-image-3.2.0-30-generic version 3.2.0-30.48. A
few systems that haven't rebooted recently are still on linux-
The patch from the debian bug has been working well on all of our
systems and completely fixes the issues we had been seeing related to
the new EKEYEXPIRED behavior.
I applied the upstream patch to nfs-utils 1.2.5, and also made a small
tweak to the gssd man page to document it.
I'm not sure
** Patch added: 19-ticket-expired-error.patch
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/794112/+attachment/3272259/+files/19-ticket-expired-error.patch
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
The attachment nfs-utils_1.2.5-3ubuntu4.debdiff of this bug report has
been identified as being a patch in the form of a debdiff. The ubuntu-
sponsors team has been subscribed to the bug report so that they can
review and hopefully sponsor the debdiff. In the event that this is in
fact not a
Given the discussion on the linux-nfs list, I actually doubt this change
will be reverted. I can see that this could potentially be desired
behavior, but in some circumstances, it's catastrophic. For example, in
our environment we have kerberized nfs home directories. If a user runs
something in
** Changed in: linux (Ubuntu Precise)
Assignee: (unassigned) = Chris J Arges (christopherarges)
** No longer affects: linux
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/794112
Title:
I can't agree. Long run jobs and desktop session are two different cases.
When user leaves at the of the day his desk and leave its session open, it
seems normal that the filesystem, without revalidation becomes unavailable,
like it always use to be. Once unavailable, it can't be used be an
Automatically renewing the ticket is not a security breach. Since it can
be done without storing passwords I don't see why it should be unsafe.
IMHO it currently is the only reasonably safe way to keep NFS home
directories accessible for long running jobs (e.g. if you have to run a
simulation
The Kernel posted by Chris allows, (with console login), the user to unlock
the
screensaver
Well, this seems to fix the original bug reported here. Which is that
nobody can log in using LDAP / Kerberos once a ticket of one signed in
user expired.
but applications, such like web browser,
We use sssd and had the same problem until I set krb5_renew_interval in
the sssd.conf. After that we have had no problems.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/794112
Title:
Kerberos +
The Kernel posted by Chris allows, (with console login), the user to
unlock the screensaver but applications, such like web browser, remains
stuck and the session has to be restarted in order to work properly.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which
This same problem applies to kerberized NFSv3 as well as NFSv4. In both
cases, the kernel will keep retrying if rpc.gssd only finds expired
credentials. I've been investigating this problem because after a Lucid
to Precise upgrade, users with kerberized NFS homedirs are unable to
unlock their
I installed the kernel build posted by Chris in #15, logged in as an
LDAP user with KRB5 auth and a kerberised nfs4 home directory, then left
the machine unattended for 24 hours. Under these conditions the X
session would be locked up when I returned to the machine and the nfs
mount inaccessable
Could someone test the kernel image Chris posted?
** Package changed: nfs-utils (Ubuntu Precise) = linux (Ubuntu Precise)
** Changed in: linux (Ubuntu Precise)
Status: Confirmed = Incomplete
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is
This could be related to this thread (thanks to Sachin):
http://thread.gmane.org/gmane.linux.nfs/47940/focus=47947
I have built a kernel with a cherry picked patch from
e49a29bd0eacce9d4956c4daf777a330115b369d, which is the upstream commit
of this patch.
Please see if my Precise kernel build
** Tags added: rls-mgr-p-tracking
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/794112
Title:
Kerberos + LDAP + NFSv4 on Natty - Unable to recover unattended client
To manage notifications about
** Changed in: nfs-utils (Debian)
Status: Unknown = New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/794112
Title:
Kerberos + LDAP + NFSv4 on Natty - Unable to recover unattended client
To
related to this discussion:
http://www.spinics.net/lists/linux-nfs/msg25492.html
** Package changed: ubuntu = nfs-utils (Ubuntu)
** Changed in: nfs-utils (Ubuntu)
Importance: Undecided = High
** Also affects: nfs-utils (Ubuntu Precise)
Importance: High
Status: Confirmed
** Bug
** Changed in: ubuntu
Status: New = Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/794112
Title:
Kerberos + LDAP + NFSv4 on Natty - Unable to recover unattended client
To manage
Some of my blocked processes are starting to generate stack traces from
the kernel:
Jul 1 08:11:43 carina kernel: [36142.699465] INFO: task chrome:2165 blocked
for more than 120 seconds.
Jul 1 08:11:43 carina kernel: [36142.699469] echo 0
/proc/sys/kernel/hung_task_timeout_secs disables this
Again today, the client wedged at the same time as the DHCP refresh. The
client's IP did not change. Any thoughts on what could be going on here?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/794112
This bug seems to strike me as well, but without LDAP being involved.
After migrating from 10.04 to 11.04 the same setup (kerberos, NFS4)
leads to frozen machines in the morning.
In my case the bug arose pretty exactly 10m before a DHCP request. Don't
know if there are linked:
Jul 1 04:17:01
The client OS appears to be wedging at precisely the time of a DHCP
refresh. I came in this morning at 10:00am and found my desktop wedged
with the clock stuck at 6:01am. From the syslog:
Jun 29 06:01:04 carina kernel: [70343.412331] Error: state manager encountered
RPCSEC_GSS session expired
Observation: rpciod, nfsiod, and nfsv4.0-svc do not respond to kill -9
under these conditions.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/794112
Title:
Kerberos + LDAP + NFSv4 on Natty - Unable
On Sat, Jun 25, 2011 at 09:15:42PM -, Brian the Lion wrote:
@Steve: I have not. What would the procedure for that look like? Purge
the existing nfs-utils deb, and then build and install nfs-utils from
source?
Yes, that would work.
Is there anything I can do to further pinpoint the
@Steve: I have not. What would the procedure for that look like? Purge
the existing nfs-utils deb, and then build and install nfs-utils from
source? Is there anything I can do to further pinpoint the problem
before I try that?
--
You received this bug notification because you are a member of
Another theory: nslcd is trying to refresh the client's kerberos ticket
via LDAP. It is failing because, unlike the user principles, the nfs
principles do not have LDAP entries. Should they? Or is there a way to
tell the nfs clients to not use LDAP?
--
You received this bug notification because
I'm super keen to try debugging this myself -- you can even assign me
the bug -- if somebody will give me a little direction. Cheers!
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/794112
Title:
If #kerberos thinks it's a kernel/nfs-utils version mismatch, have you
tried testing with the version combination they recommend?
Your bug report includes no information about what versions of anything
you're running. Please run 'apport-collect 794112'.
--
You received this bug notification
** Description changed:
Hi there!
I've configured a Natty client/server pair to authenticate over Kerberos
and LDAP and to mount user home directories via NFSv4 with sec=krb5. I
am using a slight variation on the configuration described here:
** Also affects: kerberos
Importance: Undecided
Status: New
** Also affects: nfs-utils
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/794112
Folks on #kerberos are saying that this bug is due to a version mismatch
between the kernel and nfs-utils.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/794112
Title:
Kerberos + LDAP + NFSv4 on
Bump? This problem is making my life miserable.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/794112
Title:
Kerberos + LDAP + NFSv4 on Natty - Unable to recover unattended client
To manage
** Package changed: ubuntu = libauthen-simple-kerberos-perl (Ubuntu)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/794112
Title:
Kerberos + LDAP + NFSv4 on Natty - Unable to recover unattended
I don't see why this should be related to libauthen-simple-kerberos-
perl.
** Package changed: libauthen-simple-kerberos-perl (Ubuntu) = ubuntu
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/794112
39 matches
Mail list logo
