Re: gssd-agent: Minor error <1> Unknown Error Code: 19777
Re: gssd-agent: Minor error <1> Unknown Error Code: 19777
- Subject: Re: gssd-agent: Minor error <1> Unknown Error Code: 19777
- From: Quinn <email@hidden>
- Date: Wed, 6 Feb 2008 13:57:09 +0000
At 18:13 +0800 6/2/08, Roger Herikstad wrote:
I'm wondering if anyone has had similar experiences, and if anyone
knows what error code 19777 actually means?
I'm not entirely sure what's going on in your specific setup, but I
can give you some background that might be helpful. I investigated
this error when helping a developer with mounting SMB volumes from a
pre-login context (for the Apple folks following along at home,
that's <sonr://Request/37259404> leading to <rdar://problem/5642963>).
There are at least three network file systems that support Kerberos:
AFP, SMB, and NFS. For historical reasons AFP's implementation is
somewhat wacky and is not relevant to this discussion. SMB and NFS,
however, share the same architecture. Specifically, they both use
GSS.
There's no GSS library in the kernel. If SMB or NFS need to do
Kerberos work, they pass the work off to a user space helper process,
<x-man-page://8/gssd>. They talk to this agent via a task special
port (TASK_GSSD_PORT). This port is connected to an instance of
"gssd". This relationship is set up by launchd. Specifically, the
"gssd" launchd property list file
("/System/Library/LaunchDaemons/com.apple.gssd.plist") contains some
properties that tell launchd that "gssd" is responsible for this
special port:
<key>MachServices</key>
<dict>
<key>com.apple.gssd</key>
<dict>
<key>TaskSpecialPort</key>
<integer>8</integer>
</dict>
</dict>
Note that 8 == TASK_GSSD_PORT.
By default, this port is inherited from parent to child. However,
when you log in, launchd learns about a new job
("/System/Library/LaunchAgents/com.apple.gssd-agent.plist") and that
overrides the TASK_GSSD_PORT. The end result is that, for each user,
there is an instance of "gssd" running in that user's context
(specifically, in the launchd background session) that is responsible
for that user's GSS needs. Any process launched by that user should
inherit a TASK_GSSD_PORT that references their "gssd", and thus
kernel operation done by that process will end up talking to the
correct per-user "gssd".
To be clear, the per-user "gssd" runs in the same context as
"CCacheServer", as shown in Figure 3 of Technote 2083. And the
single global "gssd" runs in the same context as "configd" in that
same figure.
<http://developer.apple.com/technotes/tn2005/tn2083.html#FIGLAUNCHTREE>
My experience is that you get this error when a process running
kernel code (in your case nfs, in my case smbfs) does some Kerberos
operation and ends up talking to the wrong "gssd". The most likely
scenario is that its inherited a reference to the global "gssd". It
could be that SGE is starting user code in the global bootstrap
namespace. That's generally a bad idea.
You can test this theory by using "BootstrapDump MAP" to see what
bootstrap context your code is running in.
<http://developer.apple.com/samplecode/BootstrapDump/index.html>
S+E
--
Quinn "The Eskimo!" <http://www.apple.com/developer/>
Apple Developer Relations, Developer Technical Support, Core OS/Hardware
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-kernel mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden