site_archiver@lists.apple.com Delivered-To: darwin-kernel@lists.apple.com I'm wondering if anyone has had similar experiences, and if anyone knows what error code 19777 actually means? <key>MachServices</key> <dict> <key>com.apple.gssd</key> <dict> <key>TaskSpecialPort</key> <integer>8</integer> </dict> </dict> Note that 8 == TASK_GSSD_PORT. <http://developer.apple.com/technotes/tn2005/tn2083.html#FIGLAUNCHTREE> <http://developer.apple.com/samplecode/BootstrapDump/index.html> S+E -- Quinn "The Eskimo!" <http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware _______________________________________________ Do not post admin requests to the list. They will be ignored. Darwin-kernel mailing list (Darwin-kernel@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/darwin-kernel/site_archiver%40lists.a... At 18:13 +0800 6/2/08, Roger Herikstad wrote: I'm not entirely sure what's going on in your specific setup, but I can give you some background that might be helpful. I investigated this error when helping a developer with mounting SMB volumes from a pre-login context (for the Apple folks following along at home, that's <sonr://Request/37259404> leading to <rdar://problem/5642963>). There are at least three network file systems that support Kerberos: AFP, SMB, and NFS. For historical reasons AFP's implementation is somewhat wacky and is not relevant to this discussion. SMB and NFS, however, share the same architecture. Specifically, they both use GSS. There's no GSS library in the kernel. If SMB or NFS need to do Kerberos work, they pass the work off to a user space helper process, <x-man-page://8/gssd>. They talk to this agent via a task special port (TASK_GSSD_PORT). This port is connected to an instance of "gssd". This relationship is set up by launchd. Specifically, the "gssd" launchd property list file ("/System/Library/LaunchDaemons/com.apple.gssd.plist") contains some properties that tell launchd that "gssd" is responsible for this special port: By default, this port is inherited from parent to child. However, when you log in, launchd learns about a new job ("/System/Library/LaunchAgents/com.apple.gssd-agent.plist") and that overrides the TASK_GSSD_PORT. The end result is that, for each user, there is an instance of "gssd" running in that user's context (specifically, in the launchd background session) that is responsible for that user's GSS needs. Any process launched by that user should inherit a TASK_GSSD_PORT that references their "gssd", and thus kernel operation done by that process will end up talking to the correct per-user "gssd". To be clear, the per-user "gssd" runs in the same context as "CCacheServer", as shown in Figure 3 of Technote 2083. And the single global "gssd" runs in the same context as "configd" in that same figure. My experience is that you get this error when a process running kernel code (in your case nfs, in my case smbfs) does some Kerberos operation and ends up talking to the wrong "gssd". The most likely scenario is that its inherited a reference to the global "gssd". It could be that SGE is starting user code in the global bootstrap namespace. That's generally a bad idea. You can test this theory by using "BootstrapDump MAP" to see what bootstrap context your code is running in. This email sent to site_archiver@lists.apple.com