spurious mounts issued by gdm at login

Latest response

As we've been experimenting with redhat 7 in our environment to plan our move of 30 clients and a server to it (from 6.5) this summer, I noticed some very strange behavior which has since been attributed to gdm. We use NFS-automounted home directories, and the two machines running RH7 for a testing environment (to port all of our kickstart customizations to) had had GNOME3 installed using the default options. This means that the login screen displayed a user list that showed a history of all users that had previously logged in.
I noticed in the logs of the server that there were a large number of strange NFS home directory mounts appearing that I could not explain. After a day of debugging I managed to tie it down to the gdm login screen. It seems that every time one user who appeared in the login menu logged onto the system, GDM touched the home directory of each user in the user list. This resulted in a number of unnecessary automounts (and umounts after timeout) each time a user logged in. To make matters worse, these spurious mounts occurred even if the user in question ssh-ed to the machine rather than logging in at the GUI!
I have attached some scrubbed lines of the messages and secure log file output from the server below to show a set of mounts and umounts that happen when an ssh connection is initiated. The machine in question only had three users in the user list, so the burden on the server was on onerous. However, our environment has about 500 student accounts, and each user can log into any system. I was anticipating 50 or so spurious mounts whenever a user logged on to any system.. a fiasco waiting to happen.
(I had to put this line in to avoid the next paragraph displaying huge (sigh):)
The solution was to disable the userlist using a dconf settings file in /etc/dconf/db/gdm.d. I can post the entire solution if necessary, but I still dont understand why all these mounts were occurring. Here's the data:
.......................................................................................................
--The GNOME3 login list includes gboyd, awong and ojames. The machine
--'homer' is the same as XX.31 (ip address removed)

--At 08:51 user gboyd logs on via ssh

Jan 21 08:51:57 homer sshd[31714]: pam_unix(sshd:session): session opened for user gboyd by (uid=0)

--gnome issues 3 mount requests - one for each home directory in its login list

Jan 21 08:51:56 shelbyville rpc.mountd[3201]: authenticated mount request from XXX.31:873 for /home/gboyd (/home)
Jan 21 08:51:58 shelbyville rpc.mountd[3201]: authenticated mount request from XXX.31:799 for /students/ojames (/students)
Jan 21 08:51:58 shelbyville rpc.mountd[3201]: authenticated mount request from XXX.31:865 for /home/awong (/home)

--a few minutes later the unused mounts timeout and are unmounted:

Jan 21 08:57:33 shelbyville rpc.mountd[3201]: authenticated unmount request from XXX.31:674 for /students/ojames (/students)
Jan 21 09:02:43 shelbyville rpc.mountd[3201]: authenticated unmount request from XXX.31:738 for /home/awong (/home)

--at 09:11, the session is closed by gboyd. This results in the other users in
--the login list having their home directories mounted again. Note gboyd's is not
--mounted since it already is. It should be unmounted, but it is not...

Jan 21 09:11:46 shelbyville rpc.mountd[3201]: authenticated mount request from XXX.31:735 for /students/ojames (/students)
Jan 21 09:11:46 shelbyville rpc.mountd[3201]: authenticated mount request from XXX.31:719 for /home/awong (/home)

--A few minutes later, the spurious mounts time out and are unmounted, along with
--gboyd's mount:

Jan 21 09:17:43 shelbyville rpc.mountd[3201]: authenticated unmount request from XXX.31:627 for /home/awong (/home)
Jan 21 09:17:43 shelbyville rpc.mountd[3201]: authenticated unmount request from XXX.31:630 for /home/gboyd (/home)
Jan 21 09:18:48 shelbyville rpc.mountd[3201]: authenticated unmount request from XXX.31:657 for /students/ojames (/students)

--The process continues with the next login:

Jan 21 09:45:27 homer sshd[2355]: pam_unix(sshd:session): session opened for user gboyd by (uid=0)

Jan 21 09:44:30 shelbyville rpc.mountd[3201]: authenticated mount request from XXX.31:1005 for /home/gboyd (/home)
Jan 21 09:45:29 shelbyville rpc.mountd[3201]: authenticated mount request from XXX.31:965 for /students/ojames (/students)
Jan 21 09:45:29 shelbyville rpc.mountd[3201]: authenticated mount request from XXX.31:854 for /home/awong (/home)

--This all disappeared when the login-list was disabled in gdm using
-- dconf.
...........................................................................................

about our environment: still using NIS for student accounts on this local subnet (behind a firewall and not exposed to the Internet), with NFS-automounted home directories.

bu

Responses