On Mon 21 Oct 2013 01:05:14 AM EDT, NeilBrown wrote: > > Hi, > as you probably know, request_key() imposes a quota on > the number of keys that can be requested, which by default is quite low (200). > When idmap exceeds this quota, request_key() returns an error and > the result is userspace sees "nobody" as the owner. > > A short term fix is to fiddle some sysctl values, but I wonder if any long > term fix is being planned. I don't have anything planned. > > Probably the sensible thing would be for nfs-idmap to bypass the quota. > As keys are not held active for very long at a time, they should be garbage > collected in due course. > There is currently no interface to request this but I suspect one could be > added. Adding a new keyring interface might be a better question for David Howells, since he's done a lot of keyring work. How many idmap keys do you have active at once? I'm guessing the quota is there for a reason, and increasing it in-kernel would probably be much easier than adding a new interface for short-lived keys. > > (I want to fixed this for openSUSE-13.1, and don't want to diverge too far > from mainline). > > Thanks, > NeilBrown -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
