[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Problems with iprop

To: heimdal-discuss@sics.se
Subject: Problems with iprop
From: Dr A V Le Blanc <LeBlanc@mcc.ac.uk>
Date: Wed, 25 Jul 2007 15:55:24 +0100
List-Archive: <http://list.sics.se/sympa/arc/heimdal-discuss>
List-Help: <mailto:sympa@sics.se?subject=help>
List-Id: <heimdal-discuss.sics.se>
List-Owner: <mailto:heimdal-discuss-request@sics.se>
List-Post: <mailto:heimdal-discuss@sics.se>
List-Subscribe: <mailto:sympa@sics.se?subject=subscribe%20heimdal-discuss>
List-Unsubscribe: <mailto:sympa@sics.se?subject=unsubscribe%20heimdal-discuss>
Reply-To: heimdal-discuss@sics.se, Dr A V Le Blanc <LeBlanc@mcc.ac.uk>
Sender: A O V Le Blanc <zlsiial@afs.mcc.ac.uk>
User-Agent: Mutt/1.5.12-2006-07-14

Until recently I've been running heimdal 0.7.2.dfsg.1-10 on Debian
etch systems, and I have had occasional problems with iprop, which
have been getting worse.

First, I am getting thousands of error messages on the slaves:

     ipropd-slave[8760]: kadm5_log_replay: 2469: Entry already exists in database

There are so many of these that the disks are filling up; for example,
yesterday at 06:25:32 there were 172 of them, at 06:25:33 there were
457, and at 06:25:34 there were 475.  These message are in /var/log/auth.log.
Moreover the binary log file in /var/lib/heimdal-kdc/log seems to grow
enormously large on the slave machines, filling the 4gb partition in
a few days.  Moreover, on the master machine, the ipropd-master process
keeps getting killed by the kernel, which logs this message in
/var/log/kern.log:

     kernel: Out of memory: Killed process 1545 (ipropd-master)

Since the database syncronisation gets lost so frequently, I have
cron jobs which check every ten minutes on all machines and
restart the iprop master or slave processes, at least if they are
not running; for example, this script gets run every ten minutes
on the slave:

     if [ ! -r /var/run/heimdal-kdc.pid ];then exit;fi
     if [ ! -r /proc/`cat /var/run/heimdal-kdc.pid`/stat ];then exit 0;fi
     if [ -r /var/run/ipropd-slave.pid ] ; then
       if [ -r /proc/`cat /var/run/ipropd-slave.pid`/stat ];then exit 0;fi
     fi
     . /etc/default/heimdal-kdc
     start-stop-daemon --start --quiet --background --make-pidfile --pidfile /var/run/ipropd-slave.pid --exec /usr/sbin/ipropd-slave -- "$SLAVE_PARAMS"
     exit $?

Anyway, the situation is getting worse, and so I decided to backport
the available heimdal 0.8.1 Debian packages to etch and to try those.
Now the master iprop process is dying without giving an error message,
but the logs are filling up with messages like this:

     ipropd-master[5151]: send_diffs: failed to find previous entry: kadm5_log_previous: log entry have consistency failure, length wrong

Clearly, whatever else, neither version of iprop is succeeding in playing
the log messages properly on the slaves.  Has anyone any insight to offer
before I try reporting this as a bug on the Debian lists?  Am I missing
something obvious?

     -- Owen

Follow-Ups:
- Re: Problems with iprop
  - From: "Henry B. Hotz" <hotz@jpl.nasa.gov>
- Re: Problems with iprop
  - From: Love Hörnquist Åstrand <lha@kth.se>

Prev by Date: Incorrect error from remote kadmin in get of undefined principle
Next by Date: Re: Problems with iprop
Prev by thread: Re: Incorrect error from remote kadmin in get of undefined principle
Next by thread: Re: Problems with iprop
Index(es):
- Date
- Thread