Re: [PATCH] gssd: By default, don't spam syslog when users' credentials expire (redux)

Steve Dickson <SteveD@xxxxxxxxxx> · Mon, 01 Mar 2010 08:24:58 -0500

On 02/22/2010 01:33 PM, Andrew Pollock wrote:
> This is a continuation of commit 09c7ad1cd9c5ca2fc46631a0057d47309abc8706,
> adding a couple more cases that can spam syslog
> ---
>  utils/gssd/gss_util.c  |    2 +-
>  utils/gssd/gssd_proc.c |    6 +++---
>  2 files changed, 4 insertions(+), 4 deletions(-)
> diff --git a/utils/gssd/gss_util.c b/utils/gssd/gss_util.c
> index 99aceb3..64dddf1 100644
> --- a/utils/gssd/gss_util.c
> +++ b/utils/gssd/gss_util.c
> @@ -126,7 +126,7 @@ display_status_1(char *m, u_int32_t code, int
> type, const gss_OID mech)
>   "gss_display_status called from %s\n", m);
>   break;
>   } else {
> - printerr(0, "ERROR: GSS-API: (%s) error in %s(): %s\n",
> + printerr(2, "ERROR: GSS-API: (%s) error in %s(): %s\n",
>      typestr, m, (char *)msg.value);
>   }
> 
> diff --git a/utils/gssd/gssd_proc.c b/utils/gssd/gssd_proc.c
> index be4fb11..5629d97 100644
> --- a/utils/gssd/gssd_proc.c
> +++ b/utils/gssd/gssd_proc.c
> @@ -638,7 +638,7 @@ do_error_downcall(int k5_fd, uid_t uid, int err)
>   unsigned int timeout = 0;
>   int zero = 0;
> 
> - printerr(1, "doing error downcall\n");
> + printerr(2, "doing error downcall\n");
> 
>   if (WRITE_BYTES(&p, end, uid)) goto out_err;
>   if (WRITE_BYTES(&p, end, timeout)) goto out_err;
> @@ -906,7 +906,7 @@ process_krb5_upcall(struct clnt_info *clp, uid_t
> uid, int fd, char *tgtname,
>   int create_resp = -1;
>   int err, downcall_err = -EACCES;
> 
> - printerr(1, "handling krb5 upcall (%s)\n", clp->dirname);
> + printerr(2, "handling krb5 upcall (%s)\n", clp->dirname);
> 
>   if (tgtname) {
>   if (clp->servicename) {
> @@ -1066,7 +1066,7 @@ process_spkm3_upcall(struct clnt_info *clp,
> uid_t uid, int fd)
>   }
> 
>   if (!authgss_get_private_data(auth, &pd)) {
> - printerr(0, "WARNING: Failed to obtain authentication "
> + printerr(2, "WARNING: Failed to obtain authentication "
>      "data for user with uid %d for server %s\n",
>   uid, clp->servername);
>   goto out_return_error;
The only one I'm concern with is this one. How offend does this pop
and how are people going know (without a restart) the reason the
are getting deined access is because of obscure error like the 
gss private data can't be accessed?

steved.

--
To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html