From 35c5af5a9cd428777c5f6f32a5bfedfd0aff6dac Mon Sep 17 00:00:00 2001
From: Robin Sonnabend <robin@fsmpi.rwth-aachen.de>
Date: Sat, 25 Feb 2017 15:13:38 +0100
Subject: [PATCH] Ensure the kernel key storage quote is not reached, so
 idmapping works

---
 nfs-client/handlers/main.yml | 3 +++
 nfs-client/tasks/main.yml    | 9 +++++++++
 2 files changed, 12 insertions(+)

diff --git a/nfs-client/handlers/main.yml b/nfs-client/handlers/main.yml
index cad9209..6697abf 100644
--- a/nfs-client/handlers/main.yml
+++ b/nfs-client/handlers/main.yml
@@ -9,3 +9,6 @@
 
 - name: reload sysfs.conf
   service: name=sysfsutils state=restarted
+
+- name: reload sysctl
+  command: sysctl -p
diff --git a/nfs-client/tasks/main.yml b/nfs-client/tasks/main.yml
index b79fc79..f47f6de 100644
--- a/nfs-client/tasks/main.yml
+++ b/nfs-client/tasks/main.yml
@@ -39,6 +39,15 @@
     - sysfs
     - config
 
+- name: ensure the kernel key storage quote used for idmapping is sufficiently high
+  sysctl: name=kernel.keys.root_maxkeys state=present value=1000 # default is 200, this quote was reached
+  notify:
+    - reload sysctl
+  tags:
+    - nfs-client
+    - sysctl
+    - config
+
 # makes life much easier to have an automounter and not /etc/fstab
 - name: ensure automounter is installed
   apt: name=autofs state=latest
-- 
GitLab