On Fri, Nov 13, 2020 at 4:00 PM Ed Greshko <ed.greshko@xxxxxxxxxxx> wrote:
> Looking at https://bbs.archlinux.org/viewtopic.php?id=256614 and the URL's contained within
> it seems doing a
>
> dd if=/dev/zero of=/fedora.swap bs=1M count=2048 status=progress
>
> may cure the w(hole) issue. :-)
>
Sorry, the count above was for a 2GB swap file. Increase it to cover your 8GB file.
dd if=/dev/zero of=/fedora.swap bs=1M count=8192 status=progress
This command has partially solved my problem
But I have a couple of questions,
1) Why doesn't fallocate work anymore ?
2) I tried dd if=/dev/zero of=/fedora.swap bs=1 count=0 seek=8G
This did not work. swapon complained about files being full of holes.
What is so special about bs=1M ?
I now have a new problem.
SELinux is preventing systemd-logind to read the swap file.
Here is the message:
SELinux is preventing systemd-logind from read access on the file /fedora.swap.
***** Plugin restorecon (99.5 confidence) suggests ************************
If you want to fix the label.
/fedora.swap default label should be etc_runtime_t.
Then you can run restorecon. The access attempt may have been stopped due to insufficient permissions to access a parent directory in which case try to change the following command accordingly.
Do
# /sbin/restorecon -v /fedora.swap
***** Plugin catchall (1.49 confidence) suggests **************************
If you believe that systemd-logind should be allowed read access on the fedora.swap file by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c 'systemd-logind' --raw | audit2allow -M my-systemdlogind
# semodule -X 300 -i my-systemdlogind.pp
Additional Information:
Source Context system_u:system_r:systemd_logind_t:s0
Target Context unconfined_u:object_r:swapfile_t:s0
Target Objects /fedora.swap [ file ]
Source systemd-logind
Source Path systemd-logind
Port <Unknown>
Host localhost.HPNotebook
Source RPM Packages
Target RPM Packages
SELinux Policy RPM selinux-policy-targeted-3.14.5-44.fc32.noarch
Local Policy RPM selinux-policy-targeted-3.14.5-44.fc32.noarch
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Host Name localhost.HPNotebook
Platform Linux localhost.HPNotebook 5.8.18-200.fc32.x86_64
#1 SMP Mon Nov 2 19:49:11 UTC 2020 x86_64 x86_64
Alert Count 3
First Seen 2020-11-13 17:59:22 IST
Last Seen 2020-11-13 17:59:22 IST
Local ID 375aec7e-f77d-47ab-865a-f83a47c12423
Raw Audit Messages
type=AVC msg=audit(1605270562.371:320): avc: denied { read } for pid=1256 comm="systemd-logind" name="fedora.swap" dev="dm-2" ino=13 scontext=system_u:system_r:systemd_logind_t:s0 tcontext=unconfined_u:object_r:swapfile_t:s0 tclass=file permissive=0
Hash: systemd-logind,systemd_logind_t,swapfile_t,file,read
***** Plugin restorecon (99.5 confidence) suggests ************************
If you want to fix the label.
/fedora.swap default label should be etc_runtime_t.
Then you can run restorecon. The access attempt may have been stopped due to insufficient permissions to access a parent directory in which case try to change the following command accordingly.
Do
# /sbin/restorecon -v /fedora.swap
***** Plugin catchall (1.49 confidence) suggests **************************
If you believe that systemd-logind should be allowed read access on the fedora.swap file by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c 'systemd-logind' --raw | audit2allow -M my-systemdlogind
# semodule -X 300 -i my-systemdlogind.pp
Additional Information:
Source Context system_u:system_r:systemd_logind_t:s0
Target Context unconfined_u:object_r:swapfile_t:s0
Target Objects /fedora.swap [ file ]
Source systemd-logind
Source Path systemd-logind
Port <Unknown>
Host localhost.HPNotebook
Source RPM Packages
Target RPM Packages
SELinux Policy RPM selinux-policy-targeted-3.14.5-44.fc32.noarch
Local Policy RPM selinux-policy-targeted-3.14.5-44.fc32.noarch
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Host Name localhost.HPNotebook
Platform Linux localhost.HPNotebook 5.8.18-200.fc32.x86_64
#1 SMP Mon Nov 2 19:49:11 UTC 2020 x86_64 x86_64
Alert Count 3
First Seen 2020-11-13 17:59:22 IST
Last Seen 2020-11-13 17:59:22 IST
Local ID 375aec7e-f77d-47ab-865a-f83a47c12423
Raw Audit Messages
type=AVC msg=audit(1605270562.371:320): avc: denied { read } for pid=1256 comm="systemd-logind" name="fedora.swap" dev="dm-2" ino=13 scontext=system_u:system_r:systemd_logind_t:s0 tcontext=unconfined_u:object_r:swapfile_t:s0 tclass=file permissive=0
Hash: systemd-logind,systemd_logind_t,swapfile_t,file,read
I don't know much about SELinux, can you help me fix the label ?
How can I fix the label as described here?
If you want to fix the label.
/fedora.swap default label should be etc_runtime_t.
/fedora.swap default label should be etc_runtime_t.
Regards,
Sreyan Chakravarty
_______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
