Bug 189856 - Latest SELinux Patch breaks Udev
Latest SELinux Patch breaks Udev
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: kernel (Show other bugs)
4
All Linux
medium Severity medium
: ---
: ---
Assigned To: Eric Paris
https://bugzilla.redhat.com/bugzilla/...
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2006-04-25 04:58 EDT by Johannes Vieweg
Modified: 2007-11-30 17:11 EST (History)
6 users (show)

See Also:
Fixed In Version: FC5
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-08-23 12:12:19 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
Extract of /var/log/messages (81.28 KB, text/plain)
2006-04-25 04:58 EDT, Johannes Vieweg
no flags Details
Actual audit.log (2.67 MB, application/octet-stream)
2006-04-27 12:09 EDT, Johannes Vieweg
no flags Details

  None (edit)
Description Johannes Vieweg 2006-04-25 04:58:32 EDT
Description of problem:

Since the last update of SELinux to version 1.27.1-2.28 causes heavy problems
with udev. The boot process takes 10 minutes from beginning to login. 
After the boot process, it takes about 5 minutes until the system is usable. The
 output of ps aux shows 3 udev processes which consumes 99% of CPU.

The output of /var/log/messages is attached.

How reproducible:


Steps to Reproduce:
1. Update selinux to 1.27.1-2.28.
2. Enable SELinux.
3. Reboot system.
  
Actual results:

The actual workaround for me is to disable SELinux.

Expected results:

Enabled SELinux and normal startup.
Comment 1 Johannes Vieweg 2006-04-25 04:58:32 EDT
Created attachment 128187 [details]
Extract of /var/log/messages
Comment 2 Harald Hoyer 2006-04-25 05:34:02 EDT
hm... reassigning to selinux
Comment 3 Ian Rees 2006-04-25 10:59:43 EDT
Referred here by "nphilipp" on #fedora (freenode.)

I experienced a similar issue on a new install of FC5 (first 'real' reboot after the system had been installed 
for a few days.)

Selecting 2.6.16 would cause the system to hang on 'Booting kernel.' 
2.6.15 would boot fine.

I disabled selinux (selinux=off) and it works fine for 2.6.16. 

udev version is 084-13
Comment 4 Daniel Walsh 2006-04-26 08:09:54 EDT
Are you seeing anything in the /var/log/audit/audit.log file?

There are no avc messages in the attached log file.  Does booting with
enforcing=0  on the command line work proberly?
Comment 5 James Morris 2006-04-26 22:52:06 EDT
I've just installed a fresh FC4 system and done a full update to current stable
releases, including selinux-policy-targeted-1.27.1-2.28.

I'm not seeing any problems at all.

Can you verify whether your entire system is updated to the latest packages?
Comment 6 Johannes Vieweg 2006-04-27 11:44:47 EDT
(In reply to comment #5)
> I've just installed a fresh FC4 system and done a full update to current 
stable
> releases, including selinux-policy-targeted-1.27.1-2.28.
> I'm not seeing any problems at all.
> Can you verify whether your entire system is updated to the latest packages?

The installed package version of selinux is:
selinux-policy-targeted-sources-1.27.1-2.28

The installed package version of udev is:
udev-071-0.FC4.3

The used kernel is 2.6.16-1.2096_FC4. I choosed several kernels, but without 
any changes. I guess it's a problem of the installed udev.
I started yum update again, but the udev package is not updated today.
Comment 7 Johannes Vieweg 2006-04-27 12:09:16 EDT
Created attachment 128311 [details]
Actual audit.log
Comment 8 Johannes Vieweg 2006-04-27 12:21:01 EDT
(In reply to comment #4)
> Are you seeing anything in the /var/log/audit/audit.log file?

I don't see anything special in the audit.log.
Comment 9 Dave Jones 2006-05-29 00:30:54 EDT
The reason of the slowdown is that the udev process is being killed & restarted
because for some reason it's using up all the available memory.

Is this still happening with all the latest updates applied ?
Comment 10 Johannes Vieweg 2006-05-29 11:25:53 EDT
(In reply to comment #9)
> Is this still happening with all the latest updates applied ?

Yes, the versions are still the same like in comment #6, except the kernel
version, now kernel 2.6.16-1.2111_FC4 is running. I checked if there is a newer
verion of udev (with repoquery --nvr) but I already installed the latest version
of udev.

Maybe only an upgrade to FC5 will help me.
Comment 11 Harald Hoyer 2006-05-29 11:29:35 EDT
hmm.. so I will update udev for FC4... oh my..
Comment 12 Rickey Moore 2006-05-30 00:21:30 EDT
I'm running kernel 2.6.16-1.2122_FC5 and still having the problem, which I did
not have with FC4
Comment 13 Harald Hoyer 2006-05-30 05:13:30 EDT
did you guys try to relabel everything?
# touch /.autorelabel
# reboot
Comment 14 Johannes Vieweg 2006-05-30 07:55:50 EDT
(In reply to comment #13)
> did you guys try to relabel everything?
> # touch /.autorelabel
> # reboot

Yes. I relabeld my system last night - without any changes of the udev behaviour. 

Comment 15 Eric Paris 2006-06-14 16:21:14 EDT
I'm pretty sure bug 174557 would have helped to decrease memory usuage of udev.
 From the log it looks like udev keeps getting killed because the system keeps
running out of memory.  But it also requires and upgrade of libselinux.  Are you
able to upgrade these 2 pieces?
Comment 16 Rickey Moore 2006-06-18 02:58:37 EDT
I re-installed with CD's to FC5 and overwrote everything from scratch
installation. That fixed the problem. :( 
Comment 17 Dave Jones 2006-07-29 00:54:29 EDT
Johannes, are you still having problems with the latest updates ?
Comment 18 Johannes Vieweg 2006-07-31 03:09:00 EDT
(In reply to comment #17)
> Johannes, are you still having problems with the latest updates ?
> 

Yes, I had these problems, so I decided to upgrade to FC5. The last update I did
was last monday with a normal 'yum update'.
Comment 19 Eric Paris 2006-08-04 12:16:57 EDT
I don't quite understand, do you still have problems with FC5 or are you saying
you had the problems until you upgraded to FC5?
Comment 20 Johannes Vieweg 2006-08-07 05:35:56 EDT
(In reply to comment #19)
> I don't quite understand, do you still have problems with FC5 or are you saying
> you had the problems until you upgraded to FC5?

I had the problems until I upgraded to FC5. Until the upgrade, I did a daily 
'yum update' in FC4, hoping the problem will be fixed. But the behaviour didn't
change. So I decided to leave FC4.

Note You need to log in before you can comment on or make changes to this bug.