On Thu, Dec 07, 2006 at 03:05:06PM +0000, Matt Doidge wrote:
> Hello chaps and chappettes,
>
> I've got a bit of a mystery here today involving Lancaster repeatedly
> failing the ops replica manager sfts. Checking the error messages they
> were having permission denied problems. I followed it up, and sure
> enough the directory /pnfs/lancs.ac.uk/data/ops/generated/2006-12-07/
> was owned by root:root. I manually switched it to the correct
> permissions, which seems to make the sft jobs happier, and now I'm
> trying to figure out why such an oddity happened.
>
> Checking the billing db and logs it seems like there was no access by
> ops prior to the permission change this afternoon. Checking my other
> logs lead me to mystery number 2- none of my log files are being
> filled since I restarted dcache on Tuesday, which is quite worrying.
> As far as I can see there's nothing that I changed that would have
> effected things (I was going to change which directory the billing
> logs were sent to, but in the chaos of the AC breakdown I forgot to
> set it).
>
> So I have 2 mysteries here, and no easy way to check what happened to
> cause them. Anyone seen similar phenomena? Brian reckons there have
> been sightings of pnfs directories being created with the root
> permissions before (perhaps at RAL?) but I'm afraid I couldn't track
> the case down. The empty log files are particular worrying, in fact
> they're the stuff of sysadmin nightmares. But other then restarting
> dcache and hoping (which for one would annoy the 20 or so people
> transfering files at the moment) I'm not sure what to do!
You have to increase the logging in dcache, the default of 2 only
logs errors now it seems.
As for the root issue I don't really now but since the nfs side of
pnfsd is really old and allows attacks that where fixed 10 years
ago. As long as a firewall doesn't get in the way any user can
make changes to your pnfs files fairly easilly.
It could be something else of course that caused the change.
Kostas
|