Bug#758870: nfs-common: nfs v4: uid/gid lookup fails for some of the users

To: 758870@bugs.debian.org
Subject: Bug#758870: nfs-common: nfs v4: uid/gid lookup fails for some of the users
From: Tero Marttila <tero.marttila@paivola.fi>
Date: Sat, 26 Sep 2015 00:53:49 +0300
Message-id: <[🔎] 5605C26D.5040902@paivola.fi>
Reply-to: Tero Marttila <tero.marttila@paivola.fi>, 758870@bugs.debian.org

Similar symptoms (uid/gid 4294967294) can also be caused by runningagainst the root's keyring quota in the kernel, which is used to storeall the id_resolv/id_legacy keys for each uid and gid.

The default kernel keyring quotas (200 keys!) in jessie's 3.16 kernelwork poorly for NFSv4 setups with more than ~100 users. Thekernel.keys.root_{maxkeys,maxbytes} sysctls should be bumped higher:

$ sudo sysctl kernel.keys.root_maxbytes=25000000 kernel.keys.root_maxkeys=1000000


Using the new Linux 3.18 default values:

>https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=738c5d190f6540539a04baf36ce21d46b5da04bd


Works much better with all of the 4294967294 UIDs now showing correctly.

$ sudo head -n1 /proc/key-users
0: 1248 1247/1247 1243/1000000 31475/25000000

With the current kernel.keys.root_maxkeys=200 default in 3.16, this willquickly be saturated.


Relevant Ubuntu bug:

https://bugs.launchpad.net/fedora/+bug/1124250


 -- Tero Marttila

Reply to:

Prev by Date: Bug#799926: linux-image-3.16.0-4-amd64: Ricoh R5C822 cardreader sometimes does not work with "Disabling IRQ #18" message
Next by Date: Processing of linux_4.2.1-1_multi.changes
Previous by thread: Bug#799926: linux-image-3.16.0-4-amd64: Ricoh R5C822 cardreader sometimes does not work with "Disabling IRQ #18" message
Next by thread: Processing of linux_4.2.1-1_multi.changes
Index(es):
- Date
- Thread