[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: NFS disconnects periodically

On Wed, Dec 15, 2004 at 10:21:29PM +0100, Ralf Gesel|ensetter wrote:
> Hi Finn-Arne,
> 
> Am Mittwoch, 15. Dezember 2004 21:21 schrieb Finn-Arne Johansen:
> > ...
> [Snippet from my own posting]
> 
> >> This issue seems to be connected to "Delay in LDAP lookups."
> >> http://www.openldap.org/lists/openldap-software/200307/msg00398.html
> >
> > Just curious - would it help to not use automounting from ldap ?
> > and not use netgroups, but hardcode the IP-adresses that are allowed
> > to mount over NFS? This will give the ldap server a lot less stress.
> 
> Sounds like slapd is mostly occupied with looking up negroups? 
> If you send some details on how to "hardcode" this, we could try. Also, 
> we need to test if it might be a kernel issue - as the tjener running 
> with a different version doesn't crash. Could everybody else, please, 
> check?

How to disable automounting on the thinclient servers:
replace 
 AUTOFS_ENABLED=true
with 
 AUTOFS_ENABLED=false
in /etc/default/autofs

and in /etc/fstab, add an entry for home0 and others: 
 tjener:/skole/tjener/home0 /skole/tjener/home0 nfs defaults 0 0 
and create /skole/tjener/home0. 

But remember to remove /skole/tjener if you later decide to enable
autofs again. 


how to hardcode which servers are allowed to mount NFS from tjener:
in /etc/exports replace 
 @ltsp-servers(rw) 
with 
 10.0.2.10(rw) 

I guess you may remove mount permissions from workstations and servers as well

> > But we really need to find out why nscd segfaults.
> 
> Ack. The stated links says something like malconfigured reverse DNS ...?

what says 
 host 10.0.2.10 (if this is one of the servers you have problems with)
 and what says hostname ? 
 
> > Could it be that there is an error in the config-file for nscd ?
> 
> Let me post our version:
> 
> # /etc/nscd.conf
> # (omitting commented sample lines)
> #       logfile                 /var/log/nscd.log
> #       threads                 6
> #       server-user             nobody
> #       debug-level             0
> 
>         enable-cache            passwd          yes
>         positive-time-to-live   passwd          600
>         negative-time-to-live   passwd          20
>         suggested-size          passwd          211

I guess you have a lot more users than 211 ?
You had ~100 users, didn't you ? 
and maybe you have som windows machine accounts as well ? 
The I would have set suggested-size for passwd to 2211
The same applies to suggested_size for groups. 

>         check-files             passwd          yes
> 
>         enable-cache            group           yes
>         positive-time-to-live   group           3600
>         negative-time-to-live   group           60
>         suggested-size          group           211
>         check-files             group           yes
> 
> # !!!!!WARNING!!!!! Host cache is insecure!!! The mechanism in nscd to
> # cache hosts will cause your local system to not be able to trust
> # forward/reverse lookup checks DO NOT USE THIS if your system relies on
> # this sort of security mechanism. Use a caching DNS server instead.
>         enable-cache            hosts           no
>         positive-time-to-live   hosts           3600
>         negative-time-to-live   hosts           20
>         suggested-size          hosts           211
>         check-files             hosts           yes
> 
> 
> -- 
> To UNSUBSCRIBE, email to debian-edu-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> 

-- 
Finn-Arne Johansen 
faj@bzz.no
http://bzz.no/
Reply to: