Date: Fri, 4 Jan 2013 16:04:03 +0000 From: Attila =?ISO-8859-1?Q?Bog=E1r?= <attila.bogar@linguamatics.com> To: freebsd-fs@freebsd.org Subject: gssd mystery Message-ID: <20130104160403.42b02209d363359b83695730@linguamatics.com>
next in thread | raw e-mail | index | archive | help
Hi All, I have NFS server which exports via kerberos security. The users and groups come from LDAP via port net/nss-pam-ldapd. gssd is linked against the latest heimdal. There are multiple LDAP servers for fail over. A story was the following: - NFS daemon locked up - top shows that it's in gsslock - or similar - I don't remember the exact = state - - I noticed, that gssd isn't running - /etc/rc.d/gssd start ... panic, reboot Unfortunately I don't have a kernel dump, but checking the logs I see 3 min= utes before the lockup: [nslcd] [warning] [d802da] <passwd=3D"someuser"> ldap_start_tls_s() failed = (uri=3Dldap://ldap1.linguamatics.com): Can't contact LDAP server: Bad file = descriptor [nslcd] [warning] [d802da] <passwd=3D"someuser"> failed to bind to LDAP ser= ver ldap://ldap1.linguamatics.com: Can't contact LDAP server: Bad file desc= riptor [nslcd] [info] [d802da] <passwd=3D"someuser"> connected to LDAP server ldap= ://ldap2.linguamatics.com This may or may not be connected, but I can't see these messages for a long= time back in history. Anyway there is some bug around gssd, because it died. I don't know if this is a reproducible bug or not yet. How can be gssd monitored on a production system to figure out the reason f= or death? Attila --=20 Attila Bog=E1r Systems Administrator Linguamatics - Cambridge, UK http://www.linguamatics.com/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20130104160403.42b02209d363359b83695730>