[393] in athena10
Re: Simulating an AFS outage
daemon@ATHENA.MIT.EDU (Bill Cattey)
Wed Aug 6 14:16:54 2008
From: Bill Cattey <wdc@MIT.EDU>
To: Jonathan D Reed <jdreed@mit.edu>
Cc: athena10@mit.edu
In-Reply-To: <Pine.LNX.4.64L.0808060922020.13701@infinite-loop.mit.edu>
Content-Type: text/plain
Date: Wed, 06 Aug 2008 14:16:06 -0400
Message-Id: <1218046566.16937.3.camel@localhost.localdomain>
Mime-Version: 1.0
Content-Transfer-Encoding: 7bit
I agree with jdreed that getting failsafe to work correctly is very
important. We're trying to eliminate work tasks by de-supporting the
"create login with homedir in /tmp" functionality by relying upon a
working failsafe login environment.
--
-Bill
----
William Cattey
Linux Platform Coordinator
MIT Information Services & Technology
N42-040M, 617-253-0140, wdc@mit.edu
http://web.mit.edu/wdc/www/
On Wed, 2008-08-06 at 09:41 -0400, Jonathan D Reed wrote:
> I've been attempting to test what happens in the event of the user's AFS
> homedir not being available. So far, it's not great:
>
> After login, it will grind for a while, and then eventually report that my
> home directory could not be found. It then asks if I want to log in
> anyway with root (/) as my homedir (!), but says things are unlikely to
> work unless I select a failsafe session. If I click "Yes", then get an
> error about the ".dmrc" file being ignored. Then, I get the "Your session
> lasted less than 10 seconds" error. Viewing xsession errors shows a bunch
> of errors for being unable to create the standard Nautilus directories in
> /mit/jdreed (Desktop, Templates, Public (namespace collision here?!),
> Documents, Music, etc). seahorse-agent complains via libgnomevfs that it
> can't create /mit/jdreed/.gnome2, and then the session fails.
>
> So, I try again, and select a failsafe session (which is not intuitive).
> My xsession still only lasts 10 seconds, and gnome-session complains about
> being unable to create ~/.gnome2.
>
> I also tried to use the "Secure remote connection" gdm option, but that
> doesn't actually seem to do anything (it behaves identically to me
> attempting to log in normally).
>
> N.B. Simulating an AFS outage was accomplished by using iptables to send
> all packets from my homedir's file server to the DROP target. If that's
> not the correct way to do it, I'll happily retest.
>
> I also tested this with my test account to ensure that there wasn't
> anything weird with my account.
>
> This kind of sucks. Is there any better way we can deal with this that
> doesn't involve heavy customization of the login code? I'd like to see
> one of the following:
>
> - gdm says something like "Your AFS home directory is unavailable, please
> try again later."
> - gdm offers to give the user a tty session to athena.dialup
> - Failsafe works correctly (see below)
>
> And while we're at it, Failsafe itself seems a little broken. While it
> didn't run .startup.X, it still seems to run .environment and .cshrc.mine.
> At least, after logging in with failsafe, and opening a Terminal window,
> all my aliases (from .cshrc.mine) are there, along with some environment
> variables I set in .environment.
>
> -Jon
>
