rpms/nfs-utils/devel nfs-utils-1.1.4-gssd-verbosity.patch, NONE, 1.1 nfs-utils.spec, 1.203, 1.204

Steve Dickson steved at fedoraproject.org
Mon Jan 5 19:28:01 UTC 2009


Author: steved

Update of /cvs/pkgs/rpms/nfs-utils/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv1505

Modified Files:
	nfs-utils.spec 
Added Files:
	nfs-utils-1.1.4-gssd-verbosity.patch 
Log Message:
gssd: By default, don't spam syslog when users' credentials expire


nfs-utils-1.1.4-gssd-verbosity.patch:

--- NEW FILE nfs-utils-1.1.4-gssd-verbosity.patch ---
commit 09c7ad1cd9c5ca2fc46631a0057d47309abc8706
Author: Kevin Coffman <kwc at citi.umich.edu>
Date:   Mon Jan 5 14:07:05 2009 -0500

    gssd: By default, don't spam syslog when users' credentials expire
    
    Change the priority of "common" log messages so that syslog doesn't get
    slammed/spammed when users' credentials expire, or there is another
    common
    problem which would cause error messages for all context creation
    requests.
    
    Note that this will now require that gssd or svcgssd option "-v" is used
    to
    debug these common cases.
    
    Original patch from Andrew Pollock <apollock at google.com>.
    
    Signed-off-by: Kevin Coffman <kwc at citi.umich.edu>
    Signed-off-by: Steve Dickson <steved at redhat.com>
    CC: Andrew Pollock <apollock at google.com>

diff --git a/utils/gssd/gss_util.c b/utils/gssd/gss_util.c
index 8a7bcaa..2d66be9 100644
--- a/utils/gssd/gss_util.c
+++ b/utils/gssd/gss_util.c
@@ -216,7 +216,7 @@ gssd_acquire_cred(char *server_name)
 		ignore_maj_stat = gss_display_name(&ignore_min_stat,
 				target_name, &pbuf, NULL);
 		if (ignore_maj_stat == GSS_S_COMPLETE) {
-			printerr(0, "Unable to obtain credentials for '%.*s'\n",
+			printerr(1, "Unable to obtain credentials for '%.*s'\n",
 				 pbuf.length, pbuf.value);
 			ignore_maj_stat = gss_release_buffer(&ignore_min_stat,
 							     &pbuf);
diff --git a/utils/gssd/gssd_proc.c b/utils/gssd/gssd_proc.c
index cb14d45..91fc8d2 100644
--- a/utils/gssd/gssd_proc.c
+++ b/utils/gssd/gssd_proc.c
@@ -448,7 +448,7 @@ do_downcall(int k5_fd, uid_t uid, struct authgss_private_data *pd,
 	return 0;
 out_err:
 	if (buf) free(buf);
-	printerr(0, "Failed to write downcall!\n");
+	printerr(1, "Failed to write downcall!\n");
 	return -1;
 }
 
@@ -741,14 +741,14 @@ handle_krb5_upcall(struct clnt_info *clp)
 			}
 			gssd_free_krb5_machine_cred_list(credlist);
 			if (!success) {
-				printerr(0, "WARNING: Failed to create krb5 context "
+				printerr(1, "WARNING: Failed to create krb5 context "
 					 "for user with uid %d with any "
 					 "credentials cache for server %s\n",
 					 uid, clp->servername);
 				goto out_return_error;
 			}
 		} else {
-			printerr(0, "WARNING: Failed to create krb5 context "
+			printerr(1, "WARNING: Failed to create krb5 context "
 				 "for user with uid %d for server %s\n",
 				 uid, clp->servername);
 			goto out_return_error;
@@ -756,7 +756,7 @@ handle_krb5_upcall(struct clnt_info *clp)
 	}
 
 	if (!authgss_get_private_data(auth, &pd)) {
-		printerr(0, "WARNING: Failed to obtain authentication "
+		printerr(1, "WARNING: Failed to obtain authentication "
 			    "data for user with uid %d for server %s\n",
 			 uid, clp->servername);
 		goto out_return_error;
diff --git a/utils/gssd/krb5_util.c b/utils/gssd/krb5_util.c
index 77814bc..d4ee631 100644
--- a/utils/gssd/krb5_util.c
+++ b/utils/gssd/krb5_util.c
@@ -399,7 +399,7 @@ gssd_get_single_krb5_cred(krb5_context context,
 		goto out;
 	}
 	if (krb5_get_init_creds_opt_set_addressless(context, init_opts, 1))
-		printerr(0, "WARNING: Unable to set option for addressless "
+		printerr(1, "WARNING: Unable to set option for addressless "
 			 "tickets.  May have problems behind a NAT.\n");
 #ifdef TEST_SHORT_LIFETIME
 	/* set a short lifetime (for debugging only!) */
@@ -422,7 +422,7 @@ gssd_get_single_krb5_cred(krb5_context context,
 
 	if ((code = krb5_get_init_creds_keytab(context, &my_creds, ple->princ,
 					       kt, 0, NULL, opts))) {
-		printerr(0, "WARNING: %s while getting initial ticket for "
+		printerr(1, "WARNING: %s while getting initial ticket for "
 			 "principal '%s' using keytab '%s'\n",
 			 gssd_k5_err_msg(context, code),
 			 pname ? pname : "<unparsable>", kt_name);
@@ -632,7 +632,7 @@ get_full_hostname(const char *inhost, char *outhost, int outhostlen)
 	/* Get full target hostname */
 	retval = getaddrinfo(inhost, NULL, &hints, &addrs);
 	if (retval) {
-		printerr(0, "%s while getting full hostname for '%s'\n",
+		printerr(1, "%s while getting full hostname for '%s'\n",
 			 gai_strerror(retval), inhost);
 		goto out;
 	}
diff --git a/utils/gssd/svcgssd_proc.c b/utils/gssd/svcgssd_proc.c
index f162152..1d13532 100644
--- a/utils/gssd/svcgssd_proc.c
+++ b/utils/gssd/svcgssd_proc.c
@@ -108,7 +108,7 @@ do_svc_downcall(gss_buffer_desc *out_handle, struct svc_cred *cred,
 	fclose(f);
 	return err;
 out_err:
-	printerr(0, "WARNING: downcall failed\n");
+	printerr(1, "WARNING: downcall failed\n");
 	return -1;
 }
 
@@ -247,7 +247,7 @@ get_ids(gss_name_t client_name, gss_OID mech, struct svc_cred *cred)
 			res = 0;
 			goto out_free;
 		}
-		printerr(0, "WARNING: get_ids: failed to map name '%s' "
+		printerr(1, "WARNING: get_ids: failed to map name '%s' "
 			"to uid/gid: %s\n", sname, strerror(-res));
 		goto out_free;
 	}
@@ -380,7 +380,7 @@ handle_nullreq(FILE *f) {
 		goto continue_needed;
 	}
 	else if (maj_stat != GSS_S_COMPLETE) {
-		printerr(0, "WARNING: gss_accept_sec_context failed\n");
+		printerr(1, "WARNING: gss_accept_sec_context failed\n");
 		pgsserr("handle_nullreq: gss_accept_sec_context",
 			maj_stat, min_stat, mech);
 		goto out_err;


Index: nfs-utils.spec
===================================================================
RCS file: /cvs/pkgs/rpms/nfs-utils/devel/nfs-utils.spec,v
retrieving revision 1.203
retrieving revision 1.204
diff -u -r1.203 -r1.204
--- nfs-utils.spec	5 Jan 2009 18:03:37 -0000	1.203
+++ nfs-utils.spec	5 Jan 2009 19:27:31 -0000	1.204
@@ -40,6 +40,7 @@
 Patch111: nfs-utils-1.1.4-statd-xunlink.patch
 Patch112: nfs-utils-1.1.4-tcpwrapper-update.patch
 Patch113: nfs-utils-1.1.4-tcpwrap-warn.patch
+Patch114: nfs-utils-1.1.4-gssd-verbosity.patch
 
 %if %{enablefscache}
 Patch90: nfs-utils-1.1.0-mount-fsc.patch
@@ -108,6 +109,7 @@
 %patch111 -p1
 %patch112 -p1
 %patch113 -p1
+%patch114 -p1
 
 %if %{enablefscache}
 %patch90 -p1
@@ -274,6 +276,7 @@
 * Sat Jan  3 2009 Steve Dickson <steved at redhat.com> 1.1.4-11
 - Added warnings to tcp wrapper code when mounts are 
   denied due to misconfigured DNS configurations.
+- gssd: By default, don't spam syslog when users' credentials expire
 
 * Fri Dec 19 2008 Steve Dickson <steved at redhat.com> 1.1.4-10
 - Re-enabled and fixed/enhanced tcp wrappers.




More information about the fedora-extras-commits mailing list