View Issue Details

IDProjectCategoryView StatusLast Update
0003840CentOS-5kernelpublic2009-10-31 19:11
Status newResolutionopen 
Product Version5.3 
Target VersionFixed in Version 
Summary0003840: No login from nfs4 client with kernel 2.6.18-164.el5

since kernel 2.6.18-164.el5 no user could login with gdm any more from nfs client into his (kde) home directory on nfs server. The kde error message is:
"The following installation problem was detected while trying to start
Writing to $HOME directory (/home/<USER>) failed with the
error 'Permission denied'
KDE is unable to start."

Login on console (no xserver running) works without problems. startx from console also doesn't work for kde.

/home is exported with nfs4 (gss/krb5), the password is delivered by
nis. Everything works fine if I reboot the nfs server into the previous
kernel 2.6.18-128.7.1.el5. Then it is completely irrelevant which
kernel version the client has. So /home export by nfs4 works for client
with kernel versions 2.6.18-164.el5 and 2.6.18-128.7.1.el5.

Additional InformationIf the nfs server runs under kernel 2.6.18-164.el5, the error messages
for the user login process are (names for user, client and domain are

Sep 16 15:54:13 <NFS_CLIENT> gdm[3122]:
run_session_child: »~/.xsession-errors« konnte nicht geöffnet werden
Sep 16 15:55:02 <NFS_CLIENT> ntpd[2674]: synchronized to,
stratum 14
Sep 16 15:57:14 <NFS_CLIENT> gdm[3122]:
run_session_child: »~/.xsession-errors« konnte nicht geöffnet werden

Sep 16 15:57:14 <NFS_CLIENT> gdm[3122]: pam_unix(gdm:session): session
opened for user <USER> by (uid=0)
Sep 16 15:57:14 <NFS_CLIENT> sudo: pam_unix(sudo:auth): authentication
failure; logname= uid=0 euid=0 tty= ruser= rhost= user=<USER>
Sep 16 15:57:14 <NFS_CLIENT> sudo: pam_krb5[7339]: authentication fails
for '<USER>' (<USER>@<DOMAIN>): Authentication failure (Decrypt
integrity check failed)

Strange files under /home/$USER:
---xrw--wT 1 <USER> <USER> 0 Jan 17 2038 SskWxq
---------- 1 <USER> <USER> 0 Jan 17 2038 .xsession-errors

The following user processes are running on login error:
TagsNo tags attached.




2009-09-16 15:42

administrator   ~0009916

One thing to remember is that we are releasing this kernel early, but it is built against the 5.4 tree and not the 5.3 tree, so there may some irregularities until we get the full 5.4 tree released.

We did QA test this kernel against the 5.3 tree, but we did not test that aspect of it.

This may clear up after the entire 5.4 tree is released, please let us know if this works after the 5.4 release.

Since this kernel was also a security release, we wanted to get it out while the rest of the 5.4 tree is in testing.


2009-09-17 11:57

reporter   ~0009926

This is a major bug on the kernel code for nfs in the 5.4 release kernel from Red Hat. Please take a look at:

Hopefully this can be patched for the CentOS 2.6.18-164.el5 prior to release.

If you try to use vi or some other program that uses the O_EXCL flag in open(2), you will see the problem.

The problem only affects the kernel on the Server. So if you have the server kernel patched, the clients can still have the unpatched kernel and things will work correctly.


2009-09-17 17:00

reporter   ~0009930


the upstream bug current status is most troubling, and the centos team do not have a RHN account to do the suggested:

  ------- Comment #21 From Jeff Layton ( 2009-09-17 08:04:14 EDT (-) [reply] -------

(In reply to comment #19)
> This does not make any sense, RHEL5.5 is months away, and this is a major flaw
> that will prevent anybody from using the kernel in 5.4 as an nfs server. Are
> you not planning to release an updated kernel for 5.4 with the nfs fixes before
> 5.5?

I'm not opposed to seeing this fix ship sooner, but in order for that to happen
someone will need to open a support case and request a more immediate fix. If
you do so, please be sure to reference this BZ so that the support folks know
that this is a known problem and that there is a patch that seems to fix it.


It seems like a no brainer that they would do this in house, but it is their support operation and bugzilla to run as they wish. If you know someone with a RHN account with support entitlements, ...

As to a local patch in the [base] or [updates] streams -- I cannot see that CentOS would do that as it is too central -- perhaps CentOS Plus if Red Hat does not issue a repaired kernel ...

-- Russ herrold


2009-09-17 17:12

manager   ~0009931

>As to a local patch in the [base] or [updates] streams -- I cannot see
>that CentOS would do that as it is too central -- perhaps CentOS Plus
>if Red Hat does not issue a repaired kernel ...

I am building centosplus kernels with the patch as I type this. Also, CentOS used to provide distro kernels with patches from Maybe this can be done for this bug?


2009-09-17 18:33

reporter   ~0009932


are you reading my mind again?


2009-09-17 19:44

manager   ~0009933


If you (==CentOS) decide to offer the patched kernel somewhere, the cplus counterpart SRPM is ready in the usual place. So far, I have done a test-install on a 64-bit box.


2009-09-17 20:06

reporter   ~0009934

I have asked some people from my campus who have support contracts to open tickets and other people who have reached the bugzilla entry have also opened the support tickets for the same issue, hopefully this will make something happen for the official red hat kernel release for 5.4


2009-09-19 01:53

manager   ~0009952

Last edited: 2009-09-19 01:56

Not sure if CentOS is going to provide the kernel with the fix. In the meantime, anyone wishing to give the patched centosplus kernel a try can download it from:

The name is kernel-2.6.18-164.bz522163.el5.ayplus.



2009-09-22 16:54

manager   ~0009968

I am no longer able to access the upstream bugzilla at:

Does anyone know why they have made it private?


2009-09-22 17:02

reporter   ~0009969

The bugzilla has been replaced by:


2009-09-30 19:23

manager   ~0009995

A kernel update for 5.4 is out. I have updated the centosplus kernel with the nfsv4 patch accordingly. It's in the same place as before but the name is now:



2009-10-02 17:01

reporter   ~0010019

Would you be interested in the RH provided Hotfix kernel srpm? If so where would I be able to upload it? It is about 72MB in size...

md5sum kernel-2.6.18-164.3.1.el5.src.rpm
8392f81e16c4e0d72ddcc3f593d449f4 kernel-2.6.18-164.3.1.el5.src.rpm

Our guys with support contracts have received all the files as a hotfix kernel and the release to everyone will follow in the first week of november.


2009-10-02 17:04

manager   ~0010020

Is it distributable (can be made public) ?


2009-10-02 17:11

reporter   ~0010021

Hmmm that is a very good question, I think that it being a src.rpm it would fall between the lines of the GPL, wouldn't it? Isn't that how you guys compile all the CentOS stuff?


2009-10-02 17:16

reporter   ~0010022

rpm -qip kernel-2.6.18-164.3.1.el5.src.rpm
Name : kernel Relocations: (not relocatable)
Version : 2.6.18 Vendor: Red Hat, Inc.
Release : 164.3.1.el5 Build Date: Thu 01 Oct 2009 04:15:42 AM EDT
Install Date: (not installed) Build Host:
Group : System Environment/Kernel Source RPM: (none)
Size : 0 License: GPLv2
Signature : (none)
Packager : Red Hat, Inc. <>
Summary : The Linux kernel (the core of the Linux operating system)
Description :
The kernel package contains the Linux kernel (vmlinuz), the core of any
Linux operating system. The kernel handles the basic functions
of the operating system: memory allocation, process allocation, device
input and output, etc.


2009-10-02 17:57

manager   ~0010023

Well, the patch itself is publicly available and it's fairly trivial for anyone to apply it to the current kernel. In that sense, whether that hotfix is distributable may not be relevant because CentOS devs can build the patched kernel if they so wish. It's rather a question of whether or not they have the time and resources at this moment.


2009-10-31 19:11

manager   ~0010226

The patch referenced in this bug tracker is now in the centosplus kernel

Issue History

Date Modified Username Field Change
2009-09-16 14:39 daily-planet New Issue
2009-09-16 15:42 JohnnyHughes Note Added: 0009916
2009-09-17 11:57 dijuremo Note Added: 0009926
2009-09-17 17:00 herrold Note Added: 0009930
2009-09-17 17:12 toracat Note Added: 0009931
2009-09-17 18:33 herrold Note Added: 0009932
2009-09-17 19:44 toracat Note Added: 0009933
2009-09-17 20:06 dijuremo Note Added: 0009934
2009-09-19 01:53 toracat Note Added: 0009952
2009-09-19 01:56 toracat Note Edited: 0009952
2009-09-22 16:54 toracat Note Added: 0009968
2009-09-22 17:02 dijuremo Note Added: 0009969
2009-09-30 19:23 toracat Note Added: 0009995
2009-10-02 17:01 dijuremo Note Added: 0010019
2009-10-02 17:04 toracat Note Added: 0010020
2009-10-02 17:11 dijuremo Note Added: 0010021
2009-10-02 17:16 dijuremo Note Added: 0010022
2009-10-02 17:57 toracat Note Added: 0010023
2009-10-31 19:11 toracat Note Added: 0010226