Postings by Chris Murphy

Better interactivity in low-memory situations

This subject matches a Fedora Workstation Working Group issue of the
same name [1], and this post is intended to be an independent summary
of the findings so far, and call for additional testing and
discussion, in particular subject matter experts.

Problem and thesis statement:
Certain workloads, such as building webkitGTK from source, results in
heavy swap usage eventually leading to the system becoming totally

release criterion change proposal related to system logging on LiveOS


Summary: On Fedora LiveOS, e.g.
Fedora-Workstation-Live-x86_64-Rawhide-20190728.n.1.iso, the journal
is missing the first 20-30s of all boot/startup related messages. The
reason is a bit complicated, systemd-journald appears to have a bug
wanting keep_free space too high, and Fedora's lives have had
shrinking free space consistently over time as the "payload" gets

some man pages have bugs, can't be grep'd

I've been seeing this since clean installing Fedora 30. I don't recall
ever seeing it before, including on a Fedora 29 -> Fedora 30 upgraded
system (is now the clean installed system).

[chris@flap ~]$ man rpm | grep -C 10 rpmverbosity
<standard input>:176: warning [p 3, 0.8i]: cannot adjust line
[chris@flap mantest]$ man rpm >rpm.stdout 2>rpm.stderr
[chris@flap mantest]$ ll
-rw-rw-r--. 1 chris chris 62 Jul 16 14:24 rpm.stderr

always update the bootloader during major upgrades


This is not a formal proposal, this is for discussion and identifying
liabilities. This email has an x86 GRUB bias only because that's the
bootloader regime I'm most familiar with. I think it should apply to
other archs as well, i.e. their bootloaders shouldn't be permitted to
become stale.

Short version: Fedora should take responsibility for the bootloader
being up to date, by updating it during major version upgrades. This
is already the case on UEFI with conventional installations. I'd like
to make sure it always happens on major version upgrades for BIOS

Reporting is disabled because the generated backtrace has low informational value

I've got a 100% reproducible crash ([chris@flap ~]$ flatpak install
--from com.slack.Slack.flatpakref from and every time
abrt+retrace server puke on it as having low informational value.

That strikes me as either a bug in abrt or the package or libraries it
depends on but I can't figure out which.

$ sudo abrt-cli list
[sudo] password for chris:
Sorry, try again.
[sudo] password for chris:
id 645e5e13c63a70214dd45fe5514dae06d9ad395c
reason: flatpak killed by SIGSEGV
time: Sun 23 Jun 2019 07:28:19 PM MDT
cmdline: flatpak install --from com.slack.Slack.fl

encrypted swap with urandom key problem


I'm having a heck of a time trying to troubleshoot an indefinite hang
on startup due to setting up crypto swap on one of my laptops. At this
point it seems computer specific. I can't reproduce it on two other
(dissimilar) computers or any qemu-kvm VM.

Without any debugging enabled, the problem happens perhaps 1 in 10

LiveOS installs, /dev/loop1 100% CPU

I've filed a bug about this, but I'm not sure what else to test or add
to demonstrate where the problem is coming from.

wpa supplicant using /dev/random

Jun 05 15:53:25 fmac.local kernel: random: crng init done
Jun 05 15:53:25 fmac.local kernel: random: 7 urandom warning(s) missed
due to ratelimiting
Jun 05 15:53:25 fmac.local wpa_supplicant[1000]: random: Cannot read
from /dev/random: Resource temporarily unavailable
Jun 05 15:53:25 fmac.local wpa_supplicant[1000]: random: Got 20/20
bytes from /dev/random

Is this a bug? Should it be using /dev/urandom instead?

Fedora Media Writer isn't working on macOS

I filed a bug here:
<a href="" title=""></a>

However since that assigns it to mbriza who doesn't do binary signing
for Windows or macOS, I'm not certain that's the correct way to report
it. Maybe websites or release engineering?

abrt's usefulness for Firefox bug reporting

I've got a 100% reproducible crash[1] with Firefox on Wayland, but
I've run into a brick wall getting it properly reported.

Neither coredumpctl nor abrt even report a crash, so no coredump file
exists. I was advised in my bug report that abrt doesn't provide
useful information anyway [1], so I should collect it directly with

The problem I then encountered: the laptop becomes a hair dryer and
unresponsive for at least 60 minutes with zero crash information
written out, so I gave up.

F30 change, bootloaderspec by default

<a href="" title=""></a>

I want this change to succeed but I'm experiencing a regression, and
while trying to troubleshoot it I'm finding it difficult to understand
the myriad differences:

- I can't find the code. I assume all of it is in grub as blscfg.mod
and grub2-mkconfig and its associated scripts in /etc/grub.d but I'm
not seeing code or code reference in the change or here
<a href="" title=""></a>

- I can't find any documentation.

Signing Kernel Module with the Private Key

crossposting devel@ and kernel@ since it's both kernel and documentation related

I'm not finding an updated version of this documentation:
<a href="" title=""></a>

And when I follow that, copy/pasting the perl script is stomping on my
kernel modules, making them zero length files. I also can't tell from
the documentation if this perl script should work on xz compressed
kernel modules, which they are by default on Fedora.

many legit devel@ emails marked as spam by gmail (dmarc reject)

Semi-related to the "Attention Gmail users, please turn off HTML"
thread; anyone *not* using gmail (e.g. all Yahoo email users) are
having their emails put into spam by google mail.

hidden grub menu feature, bootloader writing to grubenv


The more I think about the bootloader writing to grubenv, the more I'm
not a fan. I'm really suspicious of even the general case of anything
doing (over)writes outside of the file system. Is block device writing
something all UEFI firmware support? Even with Secure Boot enabled?

Setting aside the default Workstation partitioning, some valid
alternative schemes that I expect are problematic:

- On UEFI, the installer supports (against all advice) using mdadm
raid1 to sync multiple EFI System partitions. GRUB writing to grubenv
is going to write to which device?

F29 hidden GRUB, problem testing and how to unhide

I've got a Fedora 29 Silverblue installation in a VM. First boot I see
the GRUB menu, and after that it's hidden. And I can't figure out how
to unhide it. Boot is failing before I get multiuser login or ssh, so
extracting information to troubleshoot/bug report isn't possible.

Repeatedly pressing or holding Esc doesn't work.
Spacebar doesn't work.
F8 doesn't work.

So now I'm stuck. Yeah, I can reinstall, and before rebooting make
sure whatever is hiding the GRUB menu is disabled, every time I do

intel microcode license change?

So this made HN:
<a href="" title=""></a>

I've downloaded both 20180703 and 20180807 firmware from Intel and the
two licenses are different, in particular with the usage of the term

When I downloaded the 20180807 version, there was no prompt for
license agreement, but there is a license file in the tgz. Whereas
when downloading the 20180703 version, there is a license agreement
prompt, but no license file in the tgz.

Anyway, should this be in koji until this is resolved?

how to troubleshoot performance problems that trigger kidle-inject


Example 1: Firefox, 1 tab open (Google Keep)
<a href="" title=""></a>

Example 2: Firefox, 1 tab open (my bank's web site)
<a href="" title=""></a>

It also happens with Chrome. It happens with Fedora's Firefox or
Mozilla Nightly.

Firefox is crashing constantly?

Since, firefox-60.0.1-5.fc28.x86_64 and unchanged with
firefox-60.0.1-6.fc28.x86_64 I'm getting a dozen random crashes per
day. It's not reproducible, near as I can tell, but happens often
whether clicking on a link, typing in a field, or just looking away
and having touched nothing.

Abrt points me to this bug. I attached the output from processing the
crash with coredumpctl gdb.

I guess maybe I'll revert to -4 and see if that solves the problem.

Fedora Media Writer for macOS, is not signed?


The Fedora Media Writer for macOS at is not signed. I
filed this bug a couple weeks ago but somehow lost track of it, and
also it's possibly not the right location for the bug report as it
relates to what's offered on

As I mention in the bug, it's not a big deal to use the work around
for unsigned binaries when testing.

troubleshooting bluetooth

Bluetooth mouse often (every 5-20 minutes) stops working, then
recovers after maybe 30 seconds.

Event has three phases: working, not working, recovery (working). I
have set -d on bluetoothd, but all messages happen once recovery has
happened. There are no kernel messages at the time of disconnect.

<a href="" title=""></a>

The same thing happens with btmon, there's a 10 second gap.

DNSSEC, DoH, dnscrypt-proxy 1 vs 2


I've been doing some digging around to figure out how to enhance DNS
security privacy, and it's really a rabbit hole. Fedora 28, not any
different near as I can tell from Windows 10 or macOS 10.13 is simply
deferring to DHCP assigned DNS which for my POS ISP is hardwired to
their DNS servers and can't be changed.

Then I ran into this ancient feature from Fedora 17:
<a href="" title=""></a>

Did that feature actually ship? Did it get undone soon thereafter?

microcode updates and spectre variant 2

Koji contains linux-firmware-20171215-82.git2451bb22.fc27 which
contains intel-ucode from 20171117.

wrong selinux label on user-1000.journal, AVC denials

Fedora 27 workstation. I'm getting selinux AVC denial messages in the
journal as a result of user-1000.journal having label
system_u:object_r:unlabeled_t:s0. It's the only log file with that
label, the other files and the directory its in have

The AVC message of course go away if I relabel /var/log/journal but
then maybe two weeks later the problem starts happening again when the
log gets rotated.

Retrace failed. Try again later and if the problem persists report this issue please.

I'm on a Fedora 27 Workstation system, dnf system-upgrade(d) from
Fedora 26. I've got a few crashes that gnome-abrt (Problem Reporting)
I've clicked on to report, but I get this message for all three of

Retrace job failed
Retrace failed.

grub2-tools problem is causing dnf system-upgrade failures, F26->F27

grub2-tools does not belong to a distupgrade repository, causes
software-upgrade failure
<a href="" title=""></a>

I've found at least three bug reports, each with some grub2 component
that has a problem with grub2-tools when doing F26 to F27 'dnf
system-upgrade download'.

I also ran into this problem during my upgrade, and removing
grub2-tools and grub2-efi-modules, which fixed my problem.

f26->f27 server upgrade, starting system activity accounting tool every 10 minutes

Fedora 26 Server was upgraded to Fedora 27 with 'dnf system-upgrade'
so it is no longer strictly the Server product I guess:
$ cat /etc/fedora-release
Fedora release 27 (Twenty Seven)

I'm seeing in the journal, a lot more activity than I'm used to.
Usually it's just once an hour, dnf makecache timer triggers.

f27, hostname changes from former to current during boot

Nov 11 20:37:26 f26s.localdomain systemd[1]: Reached target Switch Root.
Nov 11 20:37:26 f26s.localdomain systemd[1]: Starting Switch Root...
Nov 11 20:37:26 f26s.localdomain systemd[1]: Switching root.
Nov 11 20:37:26 f26s.localdomain systemd-journald[200]: Journal stopped
Nov 11 20:37:32 f27s.localdomain systemd-journald[200]: Received
SIGTERM from PID 1 (systemd).
Nov 11 20:37:32 f27s.localdomain kernel: systemd: 17 output lines
suppressed due to ratelimiting

I'm not sure what component's bug this is.

Re: [CentOS] Btrfs going forward, was: Errors on an SSD drive

Changing the subject since this is rather Btrfs specific now.

On Fri, Aug 11, 2017 at 5:41 AM, hw <> wrote:

Askbot not sending email notification on first postings

cross posting this on users@ and devel@, I'm not sure who all
regularly participates on as it's mainly user
to user.

The gist of this problem is you set up some keywords/tags and if
someone posts a question with one of those tags, you get an email.
Neat because I don't want emails for every question posted, just the
topics I'm going to be useful answering. Problem is, I don't get an
email notification for the original posting.

Fedora 25 GRUB security issue

security@ and security-team@ have no meaningful activity in at least
the last 6 months so I'm posting this here.

grub2 incorrectly initialises the boot_params from the kernel image
<a href="" title=""></a>

The gist is that the bug means the kernel can't determine UEFI secure
boot state, considers it not enabled, resulting in the kernel not
enabling certain checks it otherwise does when it knows secure boot is