CentOS Bug Tracker
CentOS Bug Tracker

View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0003840CentOS-5kernelpublic2009-09-16 14:392009-10-31 19:11
Reporterdaily-planet 
PrioritynormalSeverityminorReproducibilityalways
StatusnewResolutionopen 
PlatformOSOS Version
Product Version5.3 
Target VersionFixed in Version 
Summary0003840: No login from nfs4 client with kernel 2.6.18-164.el5
DescriptionHello,

since kernel 2.6.18-164.el5 no user could login with gdm any more from nfs client into his (kde) home directory on nfs server. The kde error message is:
"The following installation problem was detected while trying to start
KDE:
Writing to $HOME directory (/home/<USER>) failed with the
error 'Permission denied'
KDE is unable to start."

Login on console (no xserver running) works without problems. startx from console also doesn't work for kde.

/home is exported with nfs4 (gss/krb5), the password is delivered by
nis. Everything works fine if I reboot the nfs server into the previous
kernel 2.6.18-128.7.1.el5. Then it is completely irrelevant which
kernel version the client has. So /home export by nfs4 works for client
with kernel versions 2.6.18-164.el5 and 2.6.18-128.7.1.el5.


regards
Olaf
Additional InformationIf the nfs server runs under kernel 2.6.18-164.el5, the error messages
for the user login process are (names for user, client and domain are
replaced):

/var/log/messages
Sep 16 15:54:13 <NFS_CLIENT> gdm[3122]:
run_session_child: »~/.xsession-errors« konnte nicht geöffnet werden
Sep 16 15:55:02 <NFS_CLIENT> ntpd[2674]: synchronized to 192.168.0.1,
stratum 14
Sep 16 15:57:14 <NFS_CLIENT> gdm[3122]:
run_session_child: »~/.xsession-errors« konnte nicht geöffnet werden

/var/log/secure
Sep 16 15:57:14 <NFS_CLIENT> gdm[3122]: pam_unix(gdm:session): session
opened for user <USER> by (uid=0)
Sep 16 15:57:14 <NFS_CLIENT> sudo: pam_unix(sudo:auth): authentication
failure; logname= uid=0 euid=0 tty= ruser= rhost= user=<USER>
Sep 16 15:57:14 <NFS_CLIENT> sudo: pam_krb5[7339]: authentication fails
for '<USER>' (<USER>@<DOMAIN>): Authentication failure (Decrypt
integrity check failed)

Strange files under /home/$USER:
---xrw--wT 1 <USER> <USER> 0 Jan 17 2038 SskWxq
---------- 1 <USER> <USER> 0 Jan 17 2038 .xsession-errors

The following user processes are running on login error:
startkde
ssh-agent
dbus-launch
dbus-daemon
kdeinit
dcopserver
klauncher
kded
kcminit_startup
kwrapper
ksmserver
TagsNo tags attached.
Attached Files

- Relationships

-  Notes
(0009916)
JohnnyHughes (administrator)
2009-09-16 15:42

One thing to remember is that we are releasing this kernel early, but it is built against the 5.4 tree and not the 5.3 tree, so there may some irregularities until we get the full 5.4 tree released.

We did QA test this kernel against the 5.3 tree, but we did not test that aspect of it.

This may clear up after the entire 5.4 tree is released, please let us know if this works after the 5.4 release.

Since this kernel was also a security release, we wanted to get it out while the rest of the 5.4 tree is in testing.
(0009926)
dijuremo (reporter)
2009-09-17 11:57

This is a major bug on the kernel code for nfs in the 5.4 release kernel from Red Hat. Please take a look at:

https://bugzilla.redhat.com/show_bug.cgi?id=522163 [^]

Hopefully this can be patched for the CentOS 2.6.18-164.el5 prior to release.

If you try to use vi or some other program that uses the O_EXCL flag in open(2), you will see the problem.

The problem only affects the kernel on the Server. So if you have the server kernel patched, the clients can still have the unpatched kernel and things will work correctly.
(0009930)
herrold (reporter)
2009-09-17 17:00

dijuremo

the upstream bug current status is most troubling, and the centos team do not have a RHN account to do the suggested:

  ------- Comment #21 From Jeff Layton (jlayton@redhat.com) 2009-09-17 08:04:14 EDT (-) [reply] -------

(In reply to comment #19)
> This does not make any sense, RHEL5.5 is months away, and this is a major flaw
> that will prevent anybody from using the kernel in 5.4 as an nfs server. Are
> you not planning to release an updated kernel for 5.4 with the nfs fixes before
> 5.5?

I'm not opposed to seeing this fix ship sooner, but in order for that to happen
someone will need to open a support case and request a more immediate fix. If
you do so, please be sure to reference this BZ so that the support folks know
that this is a known problem and that there is a patch that seems to fix it.

=====================

It seems like a no brainer that they would do this in house, but it is their support operation and bugzilla to run as they wish. If you know someone with a RHN account with support entitlements, ...

As to a local patch in the [base] or [updates] streams -- I cannot see that CentOS would do that as it is too central -- perhaps CentOS Plus if Red Hat does not issue a repaired kernel ...

-- Russ herrold
(0009931)
toracat (developer)
2009-09-17 17:12

>As to a local patch in the [base] or [updates] streams -- I cannot see
>that CentOS would do that as it is too central -- perhaps CentOS Plus
>if Red Hat does not issue a repaired kernel ...

I am building centosplus kernels with the patch as I type this. Also, CentOS used to provide distro kernels with patches from people.centos.org. Maybe this can be done for this bug?
(0009932)
herrold (reporter)
2009-09-17 18:33

toracat

are you reading my mind again?
(0009933)
toracat (developer)
2009-09-17 19:44

Johnny,

If you (==CentOS) decide to offer the patched kernel somewhere, the cplus counterpart SRPM is ready in the usual place. So far, I have done a test-install on a 64-bit box.
(0009934)
dijuremo (reporter)
2009-09-17 20:06

I have asked some people from my campus who have support contracts to open tickets and other people who have reached the bugzilla entry have also opened the support tickets for the same issue, hopefully this will make something happen for the official red hat kernel release for 5.4
(0009952)
toracat (developer)
2009-09-19 01:53
edited on: 2009-09-19 01:56

Not sure if CentOS is going to provide the kernel with the fix. In the meantime, anyone wishing to give the patched centosplus kernel a try can download it from:

http://centos.toracat.org/kernel/centos5/centosplus-testing [^]

The name is kernel-2.6.18-164.bz522163.el5.ayplus.

(0009968)
toracat (developer)
2009-09-22 16:54

I am no longer able to access the upstream bugzilla at:

https://bugzilla.redhat.com/show_bug.cgi?id=522163 [^]

Does anyone know why they have made it private?
(0009969)
dijuremo (reporter)
2009-09-22 17:02

The bugzilla has been replaced by:

https://bugzilla.redhat.com/show_bug.cgi?id=524520 [^]
(0009995)
toracat (developer)
2009-09-30 19:23

A kernel update for 5.4 is out. I have updated the centosplus kernel with the nfsv4 patch accordingly. It's in the same place as before but the name is now:

kernel-2.6.18-164.2.1.el5.ayplus
(0010019)
dijuremo (reporter)
2009-10-02 17:01

Would you be interested in the RH provided Hotfix kernel srpm? If so where would I be able to upload it? It is about 72MB in size...

md5sum kernel-2.6.18-164.3.1.el5.src.rpm
8392f81e16c4e0d72ddcc3f593d449f4 kernel-2.6.18-164.3.1.el5.src.rpm

Our guys with support contracts have received all the files as a hotfix kernel and the release to everyone will follow in the first week of november.
(0010020)
toracat (developer)
2009-10-02 17:04

Is it distributable (can be made public) ?
(0010021)
dijuremo (reporter)
2009-10-02 17:11

Hmmm that is a very good question, I think that it being a src.rpm it would fall between the lines of the GPL, wouldn't it? Isn't that how you guys compile all the CentOS stuff?
(0010022)
dijuremo (reporter)
2009-10-02 17:16

rpm -qip kernel-2.6.18-164.3.1.el5.src.rpm
Name : kernel Relocations: (not relocatable)
Version : 2.6.18 Vendor: Red Hat, Inc.
Release : 164.3.1.el5 Build Date: Thu 01 Oct 2009 04:15:42 AM EDT
Install Date: (not installed) Build Host: ppc-004.build.bos.redhat.com
Group : System Environment/Kernel Source RPM: (none)
Size : 0 License: GPLv2
Signature : (none)
Packager : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla> [^]
URL : http://www.kernel.org/ [^]
Summary : The Linux kernel (the core of the Linux operating system)
Description :
The kernel package contains the Linux kernel (vmlinuz), the core of any
Linux operating system. The kernel handles the basic functions
of the operating system: memory allocation, process allocation, device
input and output, etc.
(0010023)
toracat (developer)
2009-10-02 17:57

Well, the patch itself is publicly available and it's fairly trivial for anyone to apply it to the current kernel. In that sense, whether that hotfix is distributable may not be relevant because CentOS devs can build the patched kernel if they so wish. It's rather a question of whether or not they have the time and resources at this moment.
(0010226)
toracat (developer)
2009-10-31 19:11

The patch referenced in this bug tracker is now in the centosplus kernel 2.6.18-164.2.1.el5.centos.plus.

- Issue History
Date Modified Username Field Change
2009-09-16 14:39 daily-planet New Issue
2009-09-16 15:42 JohnnyHughes Note Added: 0009916
2009-09-17 11:57 dijuremo Note Added: 0009926
2009-09-17 17:00 herrold Note Added: 0009930
2009-09-17 17:12 toracat Note Added: 0009931
2009-09-17 18:33 herrold Note Added: 0009932
2009-09-17 19:44 toracat Note Added: 0009933
2009-09-17 20:06 dijuremo Note Added: 0009934
2009-09-19 01:53 toracat Note Added: 0009952
2009-09-19 01:56 toracat Note Edited: 0009952
2009-09-22 16:54 toracat Note Added: 0009968
2009-09-22 17:02 dijuremo Note Added: 0009969
2009-09-30 19:23 toracat Note Added: 0009995
2009-10-02 17:01 dijuremo Note Added: 0010019
2009-10-02 17:04 toracat Note Added: 0010020
2009-10-02 17:11 dijuremo Note Added: 0010021
2009-10-02 17:16 dijuremo Note Added: 0010022
2009-10-02 17:57 toracat Note Added: 0010023
2009-10-31 19:11 toracat Note Added: 0010226


Copyright © 2000 - 2014 MantisBT Team
Powered by Mantis Bugtracker