Your message dated Sat, 19 Mar 2022 17:21:17 +0100 with message-id <655212549a6125b02fa4162c5d6cc49085f2d4c5.camel@decadent.org.uk> and subject line Re: nfs-utils updated to 1.3.4-1, please check your bug #446238 has caused the Debian Bug report #446238, regarding nfs-common: Locks when using nfs4 sec=krb5 and user ticket expires to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 446238: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=446238 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: nfs-common: Locks when using nfs4 sec=krb5 and user ticket expires
- From: Pedro Celestino dos Reis Rodrigues <reis@fc.ul.pt>
- Date: Thu, 11 Oct 2007 12:10:04 +0100
- Message-id: <200710111210.05054.reis@fc.ul.pt>
Package: nfs-common Version: 1:1.0.10-6+etch.1 Severity: important The problem can be reproduced in the following conditions Automounted homes over nfs4 with sec=krb5 Start a session on the nfs client and let the user ticked (used to grant the nfs access) expire After this the user can not access is home (as should be expected) However, it also appens that, for example, any trial to start a new session of some other user will sucessfully mount the respective home but the login process will stay forever trying to read a file (.bash_profile for example). The client syslog presents messages like these Oct 11 07:44:46 directivo rpc.gssd[30786]: ERROR: GSS-API: error in gss_acquire_cred(): The referenced credentials have expired - No error Oct 11 07:44:46 directivo rpc.gssd[30786]: WARNING: Failed to create krb5 context for user with uid 726 for server essa.essa.pt Oct 11 07:44:46 directivo rpc.gssd[30786]: ERROR: GSS-API: error in gss_acquire_cred(): The referenced credentials have expired - No error Oct 11 07:44:46 directivo rpc.gssd[30786]: WARNING: Failed to create krb5 context for user with uid 726 for server essa.essa.pt Oct 11 07:44:46 directivo kernel: Error: state recovery failed on NFSv4 server 192.168.0.99 with error 13 Oct 11 07:44:46 directivo rpc.gssd[30786]: ERROR: GSS-API: error in gss_acquire_cred(): The referenced credentials have expired - No error Oct 11 07:44:46 directivo rpc.gssd[30786]: WARNING: Failed to create krb5 context for user with uid 726 for server essa.essa.pt Oct 11 07:44:46 directivo rpc.gssd[30786]: ERROR: GSS-API: error in gss_acquire_cred(): The referenced credentials have expired - No error Oct 11 07:44:46 directivo rpc.gssd[30786]: WARNING: Failed to create krb5 context for user with uid 726 for server essa.essa.pt Oct 11 07:44:46 directivo kernel: Error: state recovery failed on NFSv4 server 192.168.0.99 with error 13 where 726 is the owner of the expired ticket in the present case Refreshing the expired ticket for this user grants him access to his home again and, additionaly, unlocks access to the other user homes In a single user nfs client machine this is pretty harmless, but in a multiuser one or if it is an X or thin terminal server, as it is the case here, this is a show stopper On client autofs 4.1.4-13 libpam-krb5 2.6-1 On server nfs-kernel-server 1.0.10-6+etch.1 krb5-kdc 1.4.4-7etch4 libkrb53 1.4.4-7etch4 If more details or log contents are needed please let me know Thanks in advance for any help Pedro Rodrigues -- System Information: Debian Release: 4.0 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-5-686 Locale: LANG=pt_PT.UTF-8, LC_CTYPE=pt_PT.UTF-8 (charmap=UTF-8) Versions of packages nfs-common depends on: ii adduser 3.102 Add and remove users and groups ii libc6 2.3.6.ds1-13etch2 GNU C Library: Shared libraries ii libcomer 1.39+1.40-WIP-2006.11.14+dfsg-2 common error description library ii libevent 1.1a-1 An asynchronous event notification ii libgssap 0.10-4 A mechanism-switch gssapi library ii libkrb53 1.4.4-7etch4 MIT Kerberos runtime libraries ii libnfsid 0.18-0 An nfs idmapping library ii librpcse 0.14-2etch1 allows secure rpc communication us ii libwrap0 7.6.dbs-13 Wietse Venema's TCP wrappers libra ii lsb-base 3.1-23.2etch1 Linux Standard Base 3.1 init scrip ii netbase 4.29 Basic TCP/IP networking system ii portmap 5-26 The RPC portmapper ii ucf 2.0020 Update Configuration File: preserv nfs-common recommends no packages. -- no debconf information -- _____________________________________________________________ Pedro Celestino dos Reis Rodrigues Departamento de Química e Bioquímica Faculdade de Ciências da Universidade de Lisboa Tel: 21750000-28619
--- End Message ---
--- Begin Message ---
- To: 446238-done@bugs.debian.org
- Subject: Re: nfs-utils updated to 1.3.4-1, please check your bug #446238
- From: Ben Hutchings <ben@decadent.org.uk>
- Date: Sat, 19 Mar 2022 17:21:17 +0100
- Message-id: <655212549a6125b02fa4162c5d6cc49085f2d4c5.camel@decadent.org.uk>
- In-reply-to: <6737149.gBTm9uiVq6@plasma>
- References: <6737149.gBTm9uiVq6@plasma>
On Thu, 15 Dec 2016 13:47:27 +0000 Pedro Celestino dos Reis Rodrigues <reis@fc.ul.pt> wrote: > Hi Daniel > > I am no longer in conditions to check if the problem is solved. > Unless any of the other reporters believes that it is not the case the bug can > be closed. Sorry we never found a solution for this. I'm closing the bug report now. Ben. -- Ben Hutchings Beware of programmers who carry screwdrivers. - Leonard BrandweinAttachment: signature.asc
Description: This is a digitally signed message part
--- End Message ---