DevHeads.net

Postings by Chris Murphy

Re: [CentOS] Btrfs going forward, was: Errors on an SSD drive

Changing the subject since this is rather Btrfs specific now.

On Fri, Aug 11, 2017 at 5:41 AM, hw <hw@gc-24.de> wrote:

Askbot not sending email notification on first postings

cross posting this on users@ and devel@, I'm not sure who all
regularly participates on askbot.fedoraproject.org as it's mainly user
to user.

The gist of this problem is you set up some keywords/tags and if
someone posts a question with one of those tags, you get an email.
Neat because I don't want emails for every question posted, just the
topics I'm going to be useful answering. Problem is, I don't get an
email notification for the original posting.

Fedora 25 GRUB security issue

security@ and security-team@ have no meaningful activity in at least
the last 6 months so I'm posting this here.

grub2 incorrectly initialises the boot_params from the kernel image
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=1418360" title="https://bugzilla.redhat.com/show_bug.cgi?id=1418360">https://bugzilla.redhat.com/show_bug.cgi?id=1418360</a>

The gist is that the bug means the kernel can't determine UEFI secure
boot state, considers it not enabled, resulting in the kernel not
enabling certain checks it otherwise does when it knows secure boot is
enabled.

dnf cache downloading behavior

Is this expected behavior? Or is it a bug? And if it's a bug, how do I
collect the necessary information for a bug report? This problem
happens often, but not every day.

[chris@f26h Downloads]$ sudo dnf install *rpm
Fedora 26 - x86_64 - Test Updates

534 kB/s | 24 MB 00:46
Fedora 26 - x86_64 - Updates

570 kB/s | 6.6 MB 00:11
google-chrome

53 kB/s | 3.8 kB 00:00
Last metadata expiration check: 0:00:00 ago on Sat 22 Jul 2017 10:05:21 AM MDT.
Dependencies resolved.

And then in another Terminal tab hardly 25 minutes later it wants to
download the exact same repo metadata again.

Algo (VPN) Server

<a href="https://github.com/trailofbits/algo" title="https://github.com/trailofbits/algo">https://github.com/trailofbits/algo</a>

This looks kinda cool. I like the features and anti-features list.

\\Algo VPN is a set of Ansible scripts that simplify the setup of a
personal IPSEC VPN. It uses the most secure defaults available, works
with common cloud providers, and does not require client software on
most devices.\\

MIT License

F26 dnf makecache timer hanging

I have a new problem I haven't seen until recently on Fedora 26 (I
don't recall running into this during development, so I'm guessing
it's only shown up in the last month). This is on Fedora 26 Server but
should apply equally to Workstation:

So what you'll see below is the timer triggers pretty much once an
hour, and I guess figures out whether it's stale or not and if it is
it downloads new metadata.

rawhide, dnf can not load RPM file *.fc26.x86_64.rpm

Hmm, installing one older or newer kernel package usually works. Any
ideas?

Intel i915 firmwares

I ran into this today:
<a href="https://gist.github.com/Brainiarc7/aa43570f512906e882ad6cdd835efe57" title="https://gist.github.com/Brainiarc7/aa43570f512906e882ad6cdd835efe57">https://gist.github.com/Brainiarc7/aa43570f512906e882ad6cdd835efe57</a>

DRM firmware is loaded by default. HuC and GuC are not. Things work
without them, and things work with them loaded. So what's the pro/con
and if there's a pro, why isn't it the kernel default? Seems like if
it should be default, either upstream should set them as the default,
or the CPU/GPU should ask for it?

Recently (either 4.10/4.11 kernel, or same time frame Firefox on
F25/F26) I notice a blocky flickering when Firefox is launched. This
doesn't happen with the firmware loaded.

power management

01.org has several projects related to power management, but most
aren't in Fedora repositories. Are any of these useful for the recent
effort to make power management better on Fedora?

I've been compiling thermald from source for a while, and it does make
a difference to battery life and heat generation on laptops. It's only
in copr and that version is old.

The description of thermal daemon:
"This is an active open source project distributed under the LGPL open
source license.

Fedora Workstation connects using NT1 protocol by default

Hi,

Got a Fedora 25 Server using fairly default smb.conf, nothing special,
just to share some storage.

Three clients: macOS 10.12.4, Fedora 26, and Windows 10

On the server, using 'smbstatus' I see the following protocols used
for each client when connected:

Windows 10: SMB3_11
macOS: SMB3_02
Fedora 26: NT1

This is true whether I use smbclient or Nautilus to make the connection.

The smb.conf man page says for "client min protocol" and "client max protocol":

Normally this option should not be set as the automatic
negotiation phase in the SMB protocol takes care of choosing th

nic:virbr0 consuming over 3W?

Is this a bug? How is it possible for a virtual device to be the #1
consumer of power?

Power est.

debugging mutter/wayland, fixme

<a href="https://fedoraproject.org/wiki/How_to_debug_Wayland_problems" title="https://fedoraproject.org/wiki/How_to_debug_Wayland_problems">https://fedoraproject.org/wiki/How_to_debug_Wayland_problems</a>

"Debugging mutter

You can debug mutter (used in gnome-shell) by setting its environment
variables. These need to be set prior to run gnome-shell, so if you
want to log into GNOME from GDM, you need to create a wrapper script
called from a desktop file in /usr/share/wayland-sessions.

FIXME: Putting the wrapper script and desktop file here would be helpful."

Any chance anyone with time and interest to fix the fixme here?

i915 firmware not in Fedora?

The firmware <a href="https://01.org/linuxgraphics/intel-linux-graphics-firmwares" title="https://01.org/linuxgraphics/intel-linux-graphics-firmwares">https://01.org/linuxgraphics/intel-linux-graphics-firmwares</a>
is not included in Fedora Workstation by default, I'm also not finding
them in any repo.

I learned about this firmware from a bug I filed upstream and it's
recommended that it be used.
<a href="https://bugs.freedesktop.org/show_bug.cgi?id=99057" title="https://bugs.freedesktop.org/show_bug.cgi?id=99057">https://bugs.freedesktop.org/show_bug.cgi?id=99057</a>

Are there problems including it in Fedora?

Fedora on Macs, removing the release criterion

<a href="https://meetbot.fedoraproject.org/fedora-meeting-2/2016-11-10/f25-final-gono-go-meeting.2016-11-10-17.00.log.html" title="https://meetbot.fedoraproject.org/fedora-meeting-2/2016-11-10/f25-final-gono-go-meeting.2016-11-10-17.00.log.html">https://meetbot.fedoraproject.org/fedora-meeting-2/2016-11-10/f25-final-...</a>

I think it's specious to drop the criterion on this basis. There are
plenty of other things that don't get tested and their criterion don't
get dropped.

F25 workstation, and (almost) hidpi displays

HP Spectre 13" 1920x1080 and all text everywhere by default is just on
the cusp of too small. I don't think this is really a hidpi display,
so I'd expect this problem to be much worse if it were 3200x1800.

To compensate, I'm using Large Text in Universal Access. But
applications don't use that, such as Firefox. Further,
Preferences>Content >Fonts & Colors> Size is not used on many sites,
so that produces mixed results. Yes I can control-+ to get bigger
text, but that's a per page setting apparently - so I get even more
mixed results.

So...

grub, grubby, btrfs, was: PSA: Do not run 'dnf update' inside GNOME, KDE ...

This probably should have its own thread but I'm just changing the subject.

On Thu, Oct 6, 2016 at 10:18 PM, Eric Griffith < ... at gmail dot com> wrote:
It's a question for pjones or his clone :-D

My recollection is grubby was going to get a rethink, but I don't know
the scope.

F26 proposal: Make Fedora Media Writer the officially supported USB install media creator

Based on today's blocker review meeting discussion, and this email
thread [1] I'd like to propose making only Fedora Media Writer the
*officially supported* USB installation media creation tool, starting
with Fedora 26.

The practical implication of "officially support" means bugs for which
we'd block the release. It doesn't make sense to block the release if
myriad tools all don't succeed.

Cloud and Server Q&A

Hi,

I was asked to start this in today's Server meeting. The genesis for
me was, I have more questions than answers and I'm fairly convinced
I'm not the only person who's kinda shrugging not knowing what all the
questions even are. Answers are important too, but good questions to
properly explore scope and liabilities have to come first.

Cloud WG folks had decided a while ago to focus on Atomic Host, and
sounds like now they only want to do that, and form a new Atomic WG.
[1][2]

I see 8 base images for Cloud that aren't rpm-ostree based. Are they
in need of a new home? Who's using them?

F24 virt-manager fails to start any VM, SELinux policy denies access

<a href="https://bugzilla.redhat.com/show_bug.cgi?id=1369954" title="https://bugzilla.redhat.com/show_bug.cgi?id=1369954">https://bugzilla.redhat.com/show_bug.cgi?id=1369954</a>

I'm not sure what's caused this, I'm still trying to track it down.
But enforcing=0 does work around it. It might be a recent
selinux-policy of systemd update that's broken it.

37 Petabyte qcow2 file

OK this doesn't seem right. I think there's a bug here but before I
alter system state I want to capture as much debug info as possible.

# ls -lsh
50G -rw-r--r--. 1 root root 37P Jul 22 13:23 uefi_opensuseleap42.2a3-1.qcow2
196K -rw-r--r--.

Maintainer preferred method of blocker bug notification?

Hi,

At a recent QA meeting I raised the idea of a better way for
maintainers to find out when their package is a release blocking bug.
Better is vaguely defined by me as: not email based, and not adamw
based (Adam Williamson is in fact a person not a bot).

Currently, the ways a maintainer finds out a bug is release blocking:

1. Bugzilla email. When QA determines a bug is a blocker, it's noted
in the bug as a comment, and bugzilla emails (most) everyone on the
cc.

The problem with email is self-explanatory.

grub2 wiki page

Can someone double check this before I make the change?

<a href="https://fedoraproject.org/wiki/GRUB_2" title="https://fedoraproject.org/wiki/GRUB_2">https://fedoraproject.org/wiki/GRUB_2</a>

1. Under "Install the bootloader files" grub2-efi-modules shouldn't
be listed. An unsuspecting user who then uses grub2-install as they
once did on BIOS systems will blow away the signed grubx64.efi file
and boot will fail on Secure Boot enabled systems.

2. Also under "install the bootloader files" it lists the shim
package, but this should be shim-signed in order to include the
shim.efi that's been signed by the Microsoft signing service.

Oops on i686, 4.2.0-0.rc8, was: Summary/Minutes from...

On Sun, Aug 30, 2015 at 12:39 PM, Richard W.M. Jones < ... at redhat dot com> wrote:
I have i686 hardware (ancient Dell laptop) running
4.2.0-0.rc8.git0.1.fc23.i686 for over 24 hours with some heavy btrfs +
rsync stuff, and no oopses. What would I need to run to try to
reproduce? And is there a meaningful difference this is an fc23
kernel, not fc24?

"install devtools" in F22 live boot, device-mapper implosion

User over on users@ list reports booting Fedora 22 Workstation (live
media), and doing:

# dnf install "Developer Tools"

Implodes.

I've reproduced the problem, and the gist is that there's a dm
snapshot that's too small for this task, it gets full quickly, the
file system face plants, and the kernel oopses. No recovery is
possible. Long version [1].

Question 1: Should this work better and be a supported use case?

Question 2: If so how to fix it? Change the configuration for a bigger
snapshot? Or use thin provisioning snapshot?

LVM hatred, was Re: /boot on a separate partition?

Chris Adams linux at cmadams.net Wed Jun 24 19:06:19 UTC 2015
LVM is the emacs of storage. It'll be here forever.

Btrfs doesn't export (virtual) block devices like LVM can, so it can't
be a backing for say iSCSI. And it's also at the moment rather
catatonic when it comes to VM images. This is mitigated if you set
xattr +C at image create time (it must be zero length file for +C to
take).

LVM hatred, was Re: /boot on a separate partition?

Chris Adams linux at cmadams.net Wed Jun 24 13:14:34 UTC 2015

This is consistent with what I've experienced. Minimal difference.
<a href="http://web-docs.gsi.de/~tstibor/iozone/qcow.vs.lvm/" title="http://web-docs.gsi.de/~tstibor/iozone/qcow.vs.lvm/">http://web-docs.gsi.de/~tstibor/iozone/qcow.vs.lvm/</a>

LVM hatred, was Re: /boot on a separate partition?

Gordon Messmer gordon.messmer at gmail.com Wed Jun 24 01:42:13 UTC 2015

I did a bunch of testing of Raw, qcow2, and LV backed VM storage circa
Fedora 19/20 and found very little difference. What mattered most was
the (libvirt) cache setting, accessible by virsh edit the xml config
or virt-manager through the GUI.

LVM hatred, was Re: /boot on a separate partition?

Mike - st257 silvertip257 at gmail.com Tue Jun 23 16:40:47 UTC 2015

I think LVM is badass, however if you don't know the LVM tools, you're
instantly tossed deep into the weeds.

/boot on a separate partition?

Timothy Murphy gayleard at eircom.net Tue Jun 23 12:49:08 UTC 2015
Different distros have different defaults. There's no actual right or
wrong here. Pretty much anything you can think of can be made to work.

Jonathan Billings billings at negate.org Tue Jun 23 13:28:18 UTC 2015
It's bad design. First, it's a nested mount: file system A on /, and
file system B on /boot, and file system C on /boot/efi.

f22 rsync missing systemd unit files

I was just about to file a bug.

rsync-3.1.1-3.fc21.<arch>.rpm contains these unit files:
/usr/lib/systemd/system/rsyncd.service
/usr/lib/systemd/system/rsyncd.socket
/usr/lib/systemd/system/rsyncd@.service

rsync-3.1.1-3.fc22.<arch>.rpm does not.

However, the usual rsync command works as expected; and on the remote
system an rsync process is spawned. Incremental sends work and are
fast. But there is no rsyncd process hanging about like on Fedora 21,
and nothing listening on the rsync socket since it doesn't exist.

So? Bug or not a bug?