[OpenAFS] accessing /afs processes go into device wait

John Sopko sopko@cs.unc.edu
Fri, 9 Nov 2018 10:45:39 -0500

Thanks for the explanation. I had never had this issue for years, my
guess is we have more .htaccess files being created and accessed in
afs. After researching when a .htaccess file is encountered, the
server then traverses up the file system looking for .htacces files in
all parent directories. By default apache configures / with
"AllowOverride None" which tells the server .htaccess is not allowed
and don't traverse. I added /afs and our cell as show below, no need
to look for .htaccess in these top level directories.

# Each directory to which Apache has access can be configured with respect
# to which services and features are allowed and/or disabled in that
# directory (and its subdirectories).
# First, we configure the "default" to be a very restrictive set of
# features.
<Directory />
    Options FollowSymLinks
    AllowOverride None

<Directory /afs>
    AllowOverride None
<Directory /afs/cs.unc.edu>
    AllowOverride None
<Directory /afs/.cs.unc.edu>
    AllowOverride None

On Thu, Nov 8, 2018 at 3:42 PM Jeffrey Altman <jaltman@auristor.com> wrote:
> On 11/8/2018 12:22 PM, John Sopko wrote:>
> > I am running afsd with:
> >
> > /usr/vice/etc/afsd -dynroot -fakestat-all -afsdb
> -dynroot
> do not mount a root.afs volume. instead populate the /afs directory
> with the results of cell lookups
> -afsdb
> if the requested name does not match a cell found in the CellServDB
> file, query DNS first for SRV records and if no match, then AFSDB
> records
> Note that default RHEL6 configuration for the DNS resolver does not
> cache negative DNS results.
> An attempt to open /afs/.htaccess therefore results in DNS queries for
> "htaccess" plus whatever domains are in the search list. If the search
> list is cs.unc.edu and unc.edu then for each access there will be the
> following DNS queries
> SRV _afs3-vlserver._udp.htaccess.cs.unc.edu
> SRV _afs3-vlserver._udp.unc.edu
> AFSDB htaccess.cs.unc.edu
> AFSDB htaccess.unc.edu
> You can add a dummy htaccess.cs.unc.edu entry to CellServDB. You can
> add a blacklist for that name. You can stop using -afsdb or you can
> stop using -dynroot and rely upon a locally managed root.afs volume.
> Jeffrey Altman

John W. Sopko Jr.
University of North Carolina
Computer Science Dept CB 3175
Chapel Hill, NC 27599-3175

Fred Brooks Building; Room 140
Computer Services Systems Specialist
email: sopko AT cs.unc.edu
phone: 919-590-6144