Hi Doug, >> Yes, I'm working against upstream. I did check briefly that the code hadn't changed too much since 1.3.4 in that area. OK, thanks for the info. I wondered, because your patch did not show up as a commit within upstream. Your patch seems to do a good job - no more segfaults since a period of four days. :-) >> I've found one other place that has insufficient locking but the race to hit it is fairly small. It's in the Kerberos machine principal cache when it refreshes the machine credentials. These type of patches are always welcome. :-) In the recent past, some of our scientific staff exprienced strange problems with Kerberos authentication against our NFSv4 file servers. Maybe, the outages were in connection with this type of race condition. But, I do not know for sure as the authentication errors did happen on a rather sporadic basis. >> I have a patch for that, but it's pretty invasive due to some other changes I'm currently working on. Let me know if you hit it, and I can work on a simple version to backport. NFSv4+Kerberos is not for the faint-hearted. I do not fear of invasive patches - as long as they are not missing technical correctness. ;-) A question far apart from this: How is it about the spread of NFSv4+Kerberos setups within academic community and commerical environments? Are there, up to your knowledge, any bigger on-premise or cloud setups out there? And are there any companies running dedicated NFSv4+Kerberos setups? Best and keep well and fit Sebastian _________________ Sebastian Kraus Team IT am Institut für Chemie Gebäude C, Straße des 17. Juni 115, Raum C7 Technische Universität Berlin Fakultät II Institut für Chemie Sekretariat C3 Straße des 17. Juni 135 10623 Berlin Tel.: +49 30 314 22263 Fax: +49 30 314 29309 Email: sebastian.kraus@xxxxxxxxxxxx ________________________________________ From: Doug Nazar <nazard@xxxxxxxx> Sent: Monday, June 29, 2020 16:09 To: Kraus, Sebastian Cc: linux-nfs@xxxxxxxxxxxxxxx Subject: Re: [PATCH v2] Re: Strange segmentation violations of rpc.gssd in Debian Buster On 2020-06-29 01:39, Kraus, Sebastian wrote: > Hi Doug, > thanks very much for your patch and efforts. > I manually backported the patch to nfs-utils 1.3.4-2.5 source in Debian Buster. > I am now testing the modified build on one of my NFSv4 file servers. Looks promising. > > One additional question: Which nfs-utils branch are your working on - steved/nfs-utils.git ? Yes, I'm working against upstream. I did check briefly that the code hadn't changed too much since 1.3.4 in that area. I've found one other place that has insufficient locking but the race to hit it is fairly small. It's in the Kerberos machine principal cache when it refreshes the machine credentials. I have a patch for that, but it's pretty invasive due to some other changes I'm currently working on. Let me know if you hit it, and I can work on a simple version to backport. Doug
