Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

10.4: Avoid kernel panics with the Contivity VPN Client Apps
Tiger only hintThe Contivity VPN client (version 3.3) is causing a kernel panic when you want to stop it. As it is stops when you shut down or restart the computer, it means that sometimes your computer will go into a kernel panic instead of restarting or powering off. This was almost systematic before 10.4.2. However, I'm used to stopping the VPN client when unused, and since I upgraded to 10.4, I can't do it anymore.

The kernel panics happens when unloading the Contivity kernel extension, or sometimes after doing any non-realated action with Contivity). So the workaround is to remove the command that unloads the Contivity kernel extension. I have not really found any drawback to this. And since I have done this, I can now stop and start the Contivity daemon using these commands:
 sudo /Library/StartupItems/Nleac/Nleac stop
 sudo /Library/StartupItems/Nleac/Nleac start
You'll need administrator privileges to make the change.

Here's how to do it:
  1. sudo cp /Library/StartupItems/Nleac/Nleac /Library/StartupItems/Nleac/Nleac.ori

  2. sudo chown /Library/StartupItems/Nleac/Nleac

  3. chmod +w /Library/StartupItems/Nleac/Nleac

  4. Open the Nleac script using your favorite editor, and look for the following code:
    # Stops the Netlock EAC.
    stop_km() {
      kmp=`ps -x | grep nleac | grep -v grep | awk '{ print $1 }'`
      inmp=`ps -x | grep inm | grep -v grep | awk '{ print $1 }'`
      kill -9 $kmp $inmp
    
      # Not sure this is needed or desired.
      unload_kext
    }
    
    Just comment out the unload_kext, as shown:
    # Stops the Netlock EAC.
    stop_km() {
      kmp=`ps -x | grep nleac | grep -v grep | awk '{ print $1 }'`
      inmp=`ps -x | grep inm | grep -v grep | awk '{ print $1 }'`
      kill -9 $kmp $inmp
    
      # Not sure this is needed or desired.
      #unload_kext
    }
    
    Personally, I have also removed the -9 option from the kill command, as I prefer to normally end processes whenever possible. All that's left is to restore ownership and rights...

  5. chmod -w /Library/StartupItems/Nleac/Nleac

  6. sudo chown root /Library/StartupItems/Nleac/Nleac
You are done, enjoy!
    •    
  • Currently 1.00 / 5
  • 1
  • 2
  • 3
  • 4
  • 5
  (1 vote cast)
 
[14,858 views]  

10.4: Avoid kernel panics with the Contivity VPN Client | 6 comments | Create New Account
Click here to return to the '10.4: Avoid kernel panics with the Contivity VPN Client' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
10.4: Avoid kernel panics with the Contivity VPN Client
Authored by: mnot on Oct 26, '05 07:36:59AM

Interesting. I don't have any problems at all with 3.2. Wondering if I should upgrade...



[ Reply to This | # ]
10.4: Avoid kernel panics with the Contivity VPN Client
Authored by: sgasp on Oct 26, '05 11:55:57PM

Hi,

It happens as well with 3.2. It did improve with 10.4.2. In fact I suspect the extension to corrupt the kernel when unloaded. So on 10.4.2 the corruption seems less critical and allow the system to shutdown.

On 10.4.1 it was almost systematic, very less frequent on 10.4.2.

without my patch try
sudo /Library/StartupItems/Nleac/Nleac restart

You should experience a kernel panic.

I have traced system call when unloading and there is things going wrong.
Apani is aware of the issue since June, but I guess there is not enough people complaining for them to solve the issue.



[ Reply to This | # ]
10.4: Avoid kernel panics with the Contivity VPN Client
Authored by: merlyn on Oct 26, '05 09:12:14AM
kill -9 $kmp $inmp
I really, really wish people would stop using kill -9 like this in scripts.

That's just like always using "force quit" instead of command-Q to stop programs. It's a really bad idea. Use it only in an emergency.

[ Reply to This | # ]

10.4: Avoid kernel panics with the Contivity VPN Client
Authored by: Shiver758 on Oct 27, '05 01:21:33AM

I'm just jealous you've got the client at all.

We use contivity in my office to connect to a client's firewall to work on our servers in their environ. but they don't have a license for the Mac client, so we don't get to use it.

Sigh.



[ Reply to This | # ]
10.4: Avoid kernel panics with the Contivity VPN Client
Authored by: slb on Oct 27, '05 08:32:09AM

I've used every version on my 17" PB, and not one - including 3.3 has done this.
Not sure why you have this issue, but me and none of my clients do.

SB



[ Reply to This | # ]
10.4: Avoid kernel panics with the Contivity VPN Client
Authored by: sgasp on Jan 13, '06 07:30:50AM

It happens on two different machines I have tested.

It may be because of a diffrent memory configuration, I have 512MB and 1GB.

I have also some other product install like content barrier that could have interfer with contivity.
But on previous contivity version I have tried on a clean installed and get the same issue.

What is sure is that when you do a kernel trace, when the extension is unloaded you get a lot of error before getting the Kernel Panic.



[ Reply to This | # ]