Hi,
We've seen excessive (disk filling) log spam from rpc.gssd where users
mount their home directory via Kerberised NFS, and their Kerberos TGT
expires. You get lots of noise like described at
https://bugs.launchpad.net/ubuntu/+source/nfs-utils/+bug/293705
Attached is the patch that we've been using to address this.
regards
Andrew
--
Andrew Pollock
Google Systems Administrator
On Tue, Nov 25, 2008 at 4:22 PM, Andrew Pollock <[email protected]> wrote:
> Hi,
>
> We've seen excessive (disk filling) log spam from rpc.gssd where users
> mount their home directory via Kerberised NFS, and their Kerberos TGT
> expires. You get lots of noise like described at
> https://bugs.launchpad.net/ubuntu/+source/nfs-utils/+bug/293705
>
> Attached is the patch that we've been using to address this.
>
> regards
>
> Andrew
Hi Andrew,
I looked at the referenced bug discussion. Looking at the supplied
patch, I suspect you either (1) normally run rpc.gssd with "-v", or
(2) you are depending on the other part of the original patch that
decreases verbosity (copied below). If the latter is true, then
shouldn't it be sufficient to only change the error messages from
level 0 to level 1 as I've shown below?
--- nfs-utils-1.1.2.orig/utils/gssd/err_util.c
+++ nfs-utils-1.1.2/utils/gssd/err_util.c
@@ -49,6 +49,10 @@
{
va_list args;
+ /* Decrease verbosity so we don't log so much */
+ if ((priority - verbosity) > 1)
+ return;
+
/* Don't bother formatting a message we're never going to print! */
if (priority > verbosity)
return;.
--- nfs-utils-1.1.2.orig/utils/gssd/gssd_proc.c
+++ nfs-utils-1.1.2/utils/gssd/gssd_proc.c
@@ -743,7 +743,7 @@
}
if (!authgss_get_private_data(auth, &pd)) {
- printerr(0, "WARNING: Failed to obtain authentication "
+ printerr(1, "WARNING: Failed to obtain authentication "
"data for user with uid %d for server %s\n",
uid, clp->servername);
goto out_return_error;
only in patch2:
unchanged:
--- nfs-utils-1.1.2.orig/utils/gssd/gss_util.c
+++ nfs-utils-1.1.2/utils/gssd/gss_util.c
@@ -122,7 +122,7 @@
"gss_display_status called from %s\n", m);
break;
} else {
- printerr(0, "ERROR: GSS-API: (%s) error in %s(): %s\n",
+ printerr(1, "ERROR: GSS-API: (%s) error in %s(): %s\n",
typestr, m, (char *)msg.value);
}