Re: F35 3x slower boot than F34

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, 2021-09-03 at 15:57 -0600, Chris Murphy wrote:
> On Fri, Sep 3, 2021 at 1:32 PM Stephen Gallagher <sgallagh@xxxxxxxxxx> wrote:
> 
> > So it appears to be an SELinux issue. I suspect but cannot prove that
> > it's related to a number of AVCs related to DBUS that I see in
> > selinux-troubleshooter.
> 
> I'm only seeing two AVC's which repeat but not a lot...
> 
> Sep 03 14:27:09 fovo.local audit[6300]: AVC avc:  denied  { write }
> for  pid=6300 comm="fprintd" name="wakeup" dev="sysfs" ino=28044
> scontext=system_u:system_r:fprintd_t:s0
> tcontext=system_u:object_r:sysfs_t:s0 tclass=file permissive=0
> Sep 03 14:27:09 fovo.local audit[6300]: AVC avc:  denied  { write }
> for  pid=6300 comm="fprintd" name="persist" dev="sysfs" ino=28037
> scontext=system_u:system_r:fprintd_t:s0
> tcontext=system_u:object_r:sysfs_t:s0 tclass=file permissive=0
> 
> But enforcing=0 makes the boot time under 9s which is... awesome.
> Better than 34.

Those fprintd denials shouldn't cause any issues. It just means fprintd
cannot reconfigure the USB devices for its suspend/resume handling. It
would be nice if it worked, but it is *not* a regression if it doesn't
work.

The upstream bug for this is:
  https://github.com/fedora-selinux/selinux-policy/issues/840

Benjamin

> I get more AVC's with enforcing=0, in fact... oh my that's a lot of
> selinux bugs reported already against 35
> 
> https://bugzilla.redhat.com/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&classification=Fedora&component=selinux-policy&list_id=12120743&product=Fedora&query_format=advanced&version=35
> 
> But fprintd doesn't show up in any. So I will change the component to
> selinux-policy.
> 
> 
> 
> 
> --
> Chris Murphy
> _______________________________________________
> devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
> To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
> Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
> Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure

Attachment: signature.asc
Description: This is a digitally signed message part

_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Users]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]

  Powered by Linux