From owner-freebsd-fs@FreeBSD.ORG Fri Jan 4 16:21:08 2013 Return-Path: Delivered-To: freebsd-fs@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 38A12515 for ; Fri, 4 Jan 2013 16:21:08 +0000 (UTC) (envelope-from rmacklem@uoguelph.ca) Received: from esa-jnhn.mail.uoguelph.ca (esa-jnhn.mail.uoguelph.ca [131.104.91.44]) by mx1.freebsd.org (Postfix) with ESMTP id D7C7DC0F for ; Fri, 4 Jan 2013 16:21:07 +0000 (UTC) X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: AqAEAJ8A51CDaFvO/2dsb2JhbAA9CIY5typzgh4BAQEDAQEBASArIAsFFgcRAgINGQIpAQkmBggHBAEcBIdtBgylNI8qgSKLRwSDFYETA4hhinyCLoEcjy2DEoFTNQ X-IronPort-AV: E=Sophos;i="4.84,411,1355115600"; d="scan'208";a="9403392" Received: from erie.cs.uoguelph.ca (HELO zcs3.mail.uoguelph.ca) ([131.104.91.206]) by esa-jnhn.mail.uoguelph.ca with ESMTP; 04 Jan 2013 11:21:06 -0500 Received: from zcs3.mail.uoguelph.ca (localhost.localdomain [127.0.0.1]) by zcs3.mail.uoguelph.ca (Postfix) with ESMTP id 7683FB404D; Fri, 4 Jan 2013 11:21:06 -0500 (EST) Date: Fri, 4 Jan 2013 11:21:06 -0500 (EST) From: Rick Macklem To: =?utf-8?Q?Attila_Bog=C3=A1r?= Message-ID: <1583693481.1674257.1357316466470.JavaMail.root@erie.cs.uoguelph.ca> In-Reply-To: <20130104160403.42b02209d363359b83695730@linguamatics.com> Subject: Re: gssd mystery MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Originating-IP: [172.17.91.201] X-Mailer: Zimbra 6.0.10_GA_2692 (ZimbraWebClient - FF3.0 (Win)/6.0.10_GA_2692) Cc: freebsd-fs@freebsd.org X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Jan 2013 16:21:08 -0000 Attila Bogar wrote: > Hi All, >=20 > I have NFS server which exports via kerberos security. > The users and groups come from LDAP via port net/nss-pam-ldapd. > gssd is linked against the latest heimdal. > There are multiple LDAP servers for fail over. >=20 > A story was the following: > - NFS daemon locked up > - top shows that it's in gsslock - or similar - I don't remember the > exact state - > - I noticed, that gssd isn't running > - /etc/rc.d/gssd start > ... panic, reboot >=20 There are a couple of recent commits to head that were MFC'd to stable/9 yesterday that might be useful. r244331 (MFC'd as r245016) modifies the gssd daemon so that it uses syslog() when daemonized, so it should leave a message in /var/log/messages when it exit(1)s, due to a failure. r244370 (MFC'd as r245018) should keep the kernel from crashing when the gssd is restarted. If the gssd daemon crashed, hopefully there is a core dump (/gssd.core). If you have one of these, please run gdb on it and see where it crashed. > Unfortunately I don't have a kernel dump, but checking the logs I see > 3 minutes before the lockup: > [nslcd] [warning] [d802da] ldap_start_tls_s() > failed (uri=3Dldap://ldap1.linguamatics.com): Can't contact LDAP server: > Bad file descriptor > [nslcd] [warning] [d802da] failed to bind to LDAP > server ldap://ldap1.linguamatics.com: Can't contact LDAP server: Bad > file descriptor > [nslcd] [info] [d802da] connected to LDAP server > ldap://ldap2.linguamatics.com > This may or may not be connected, but I can't see these messages for a > long time back in history. >=20 Might be related. It will do getpwname() to create a uid/gid-list for a user principal name. > Anyway there is some bug around gssd, because it died. > I don't know if this is a reproducible bug or not yet. >=20 > How can be gssd monitored on a production system to figure out the > reason for death? >=20 If there is no core dump, hopefully the r244331 patch will result in a message in /var/log/messages. Please let us know if you figure out more about why the gssd died. Good luck with it, rick > Attila >=20 > -- > Attila Bog=C3=A1r > Systems Administrator > Linguamatics - Cambridge, UK > http://www.linguamatics.com/ > _______________________________________________ > freebsd-fs@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-fs > To unsubscribe, send any mail to "freebsd-fs-unsubscribe@freebsd.org"