[LU-8298] enabling gss causes possibly misleading warnings from tgt_init_sec_level() Created: 17/Jun/16  Updated: 12/Jul/16  Resolved: 12/Jul/16

Status: Resolved
Project: Lustre
Component/s: None
Affects Version/s: None
Fix Version/s: Lustre 2.9.0

Type: Bug Priority: Minor
Reporter: John Hammond Assignee: nasf (Inactive)
Resolution: Fixed Votes: 0
Labels: None

Issue Links:
Related
is related to LU-6971 Remove obsolete remote client and "lf... Resolved
Severity: 3
Rank (Obsolete): 9223372036854775807

 Description   

When connecting to a GSS-ized target we see the following warnings on the console

[80648.003579] Lustre: 1666:0:(tgt_handler.c:894:tgt_init_sec_level()) client 192.168.122.162@tcp -> target lustre-MDT0000 uses old version, run under security level 0.

These are likely misleading/unhelpful to the admin.

 Comments   
Comment by John Hammond [ 17/Jun/16 ]

After Fan Yong's patch for LU-6971 has landed the I think the "sec_level" functionality will be obsolete. If so then tgt_init_sec_level() can be removed completely and this message will go away.

Comment by nasf (Inactive) [ 18/Jun/16 ]

After Fan Yong's patch for LU-6971 has landed the I think the "sec_level" functionality will be obsolete. If so then tgt_init_sec_level() can be removed completely and this message will go away.

With LU-6971 patch applied, you will NOT see the misguided message again. So we can close this ticket.

Comment by nasf (Inactive) [ 18/Jun/16 ]

It will be disappear after LU-6971 patch (http://review.whamcloud.com/#/c/19789/) applied.

Comment by John Hammond [ 20/Jun/16 ]

Still seeing this after http://review.whamcloud.com/#/c/19789/ landed. I think we can remove the sec_level parameter entirely. Fan Yong do you see any reason to keep it?

Comment by Gerrit Updater [ 20/Jun/16 ]

John L. Hammond (john.hammond@intel.com) uploaded a new patch: http://review.whamcloud.com/20879
Subject: LU-8298 sec: remove obsolete sec_level parameter
Project: fs/lustre-release
Branch: master
Current Patch Set: 1
Commit: 9e6bb7777541c02a8ceb9e5634bf1f58544916b9

Comment by nasf (Inactive) [ 20/Jun/16 ]

Still seeing this after http://review.whamcloud.com/#/c/19789/ landed. I think we can remove the sec_level parameter entirely. Fan Yong do you see any reason to keep it?

Currently, the sec_level is almost meaningless. I am fine to cleanup related code, just one concern about the interoperability issue when upgrade. If some customer has ever specified sec_level as conf parameter, then removing such interface may cause the new server does not recognise the old configuration after upgrading: either confused waring message or start failure. So please verify that, if happened, we can:
1) simply the interface as empty stub there for some time, or
2) add some special handling in class_process_proc_param().

Comment by nasf (Inactive) [ 24/Jun/16 ]

I have verified the upgrading case, and updated the class_process_proc_param() in the patch to handle sec_level specially.

Comment by Gerrit Updater [ 11/Jul/16 ]

Oleg Drokin (oleg.drokin@intel.com) merged in patch http://review.whamcloud.com/20879/
Subject: LU-8298 sec: remove obsolete sec_level parameter
Project: fs/lustre-release
Branch: master
Current Patch Set:
Commit: 881e4d68346be5623c4045dad0d6a50d4954f6fb

Comment by nasf (Inactive) [ 12/Jul/16 ]

The patch has been landed to master.

Generated at Sat Feb 10 02:16:19 UTC 2024 using Jira 9.4.14#940014-sha1:734e6822bbf0d45eff9af51f82432957f73aa32c.