Ask Your Question

marcinek's profile - activity

2019-02-03 07:12:41 -0600 received badge  Popular Question (source)
2018-12-05 08:34:22 -0600 received badge  Good Question (source)
2018-12-05 08:33:43 -0600 marked best answer Force akmod to stick to 390.X NVidia drivers

Hi,

I used to have akmod-nvidia package building 390.X driver. Now, after an update, It builds 396, which does not support my card (an old Quadro 600). There is a package named akmod-nvidia-340xx for 340 driver, but pure akmod-nvidia builds only latest, 396. Is there a way to force akmod to use a "middle", 390 version? Or maybe, there should be a package kmod-nvidia-390xx ?

2018-12-05 08:32:28 -0600 received badge  Notable Question (source)
2018-12-05 08:32:28 -0600 received badge  Popular Question (source)
2018-08-01 05:54:26 -0600 received badge  Nice Question (source)
2018-08-01 03:44:44 -0600 asked a question Force akmod to stick to 390.X NVidia drivers

Force akmod to stick to 390.X NVidia drivers Hi, I used to have akmod-nvidia package building 390.X driver. Now, after

2018-06-03 04:08:13 -0600 asked a question PackageKit downloading packages but not proposing update upon shutdown.

PackageKit downloading packages but not proposing update upon shutdown. Hi! I have just noticed on my fresh F28 install

2017-05-08 08:31:24 -0600 received badge  Nice Answer (source)
2017-05-08 08:30:27 -0600 received badge  Student (source)
2017-05-08 08:30:13 -0600 received badge  Self-Learner (source)
2017-05-08 03:01:41 -0600 answered a question How to add SE Linux Labels to custom squid cache directory?

It looks I'm answering myself... I managed to figure out how to run squid on custom cache dir with SELinux enabled, but I'm not sure if it is a proper thing to do.

I've found two issues: 1. I've noticed that previously I've changed only the "type" part of file context, leaving unconfined_u as user. So I changed the context again:

semanage fcontext -a -t squid_cache_t -s system_u /squid/cache(/.*)?

But squid failed to start with same as before audit messages. That leads to second issue: 2. AVC avc: denied { search } - audit.log entries suggests that squid can not enter the directory. This time I decided to create the policy that enables squid to do what was denied:

[root@malina ~]# grep squid /var/log/audit/audit.log | audit2allow -M my_squid
******************** IMPORTANT ***********************
To make this policy package active, execute:

semodule -i my_squid.pp

[root@malina ~]# semodule -i my_squid.pp

Now works like charm, but question remains: Should I work more on file contexts to avoid the need of creating custom policy or such policy is an absolute need and can not be avoided?

2017-05-08 02:41:11 -0600 answered a question Fedora 25 Slow After Software Update

Hi! Please send some more details, like kernel version, hw information etc. Are you on X.org or Wayland ? Did you monitored your system for the cause of these lags? I mean is it because of excessive IO activity or some CPU hogs? I'd suggest running nmon utility (not installed by default, but available in repos) for a while to find out who is guilty.

marcin

2017-05-06 09:37:49 -0600 asked a question How to add SE Linux Labels to custom squid cache directory?

I decided to configure my squid (running on RPI 3B, Fedora 25 Server) to use custom cache directory. Just for the the sake of education I'm trying to live with SE Linux set to enforcing. I've found lots of labels in /etc/selinux/targeted/contexts/files including the /var/spool/squid and /var/cache/squid entries:

[root@malina files]# grep squid file_contexts file_contexts.local
[ ... ]
file_contexts:/var/cache/squid(/.*)?    system_u:object_r:squid_cache_t:s0
file_contexts:/var/spool/squid(/.*)?    system_u:object_r:squid_cache_t:s0
[...]
file_contexts:/usr/libexec/squid/cache_swap\.sh --  system_u:object_r:squid_exec_t:s0

I assume that my /squid/cache filesystem should be labeled the same way as /var/spool/squid so I added a local context like this:

semanage fcontext -a -t squid_cache_t "/squid/cache(/.*)?"

And got the following entry in my file_contexts.local file:

/squid/cache(/.*)?    system_u:object_r:squid_cache_t:s0

I have run squid -z previously and got swap dirs created, so I ran restorecon -R -v /squid/cache and got these labels on my swap directories:

[root@malina files]# ls -ldZ /squid/cache/
drwxr-x---. 18 squid squid unconfined_u:object_r:squid_cache_t:s0 166 May  5 14:50 /squid/cache/

Now, when I start squid, I get the following entries in my /var/log/audit/audit.log file:

type=AVC msg=audit(1494081141.015:285): avc:  denied  { search } for  pid=1840 comm="cache_swap.sh" name="/" dev="sda1" ino=96 scontext=system_u:system_r:squid_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=dir permissive=0
type=AVC msg=audit(1494081141.607:286): avc:  denied  { search } for  pid=1845 comm="squid" name="/" dev="sda1" ino=96 scontext=system_u:system_r:squid_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=dir permissive=0
type=AVC msg=audit(1494081141.607:287): avc:  denied  { search } for  pid=1845 comm="squid" name="/" dev="sda1" ino=96 scontext=system_u:system_r:squid_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=dir permissive=0
type=SERVICE_START msg=audit(1494081141.671:288): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=squid comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed'

Am I missing something? Here are last few lines from journalctl -xe:

-- Unit squid.service has begun starting up.
May 06 16:32:21 malina audit[1840]: AVC avc:  denied  { search } for  pid=1840 comm="cache_swap.sh" name="/" dev="sda1"
May 06 16:32:21 malina audit[1845]: AVC avc:  denied  { search } for  pid=1845 comm="squid" name="/" dev="sda1" ino=96 
May 06 16:32:21 malina audit[1845]: AVC avc:  denied  { search } for  pid=1845 comm="squid" name="/" dev="sda1" ino=96 
May 06 16:32:21 malina squid[1845]: Failed to make swap directory /squid/cache: (13) Permission denied
May 06 16:32:21 malina cache_swap.sh[1840]: init_cache_dir /squid/cache...
May 06 16:32:21 malina systemd[1]: squid.service: Control process exited, code=exited status=1
May 06 16:32:21 malina systemd[1]: Failed to start Squid caching proxy.
-- Subject: Unit squid.service has failed
-- Defined-By: systemd
-- Support: http ...
(more)
2017-05-06 08:56:33 -0600 received badge  Supporter (source)
2017-05-06 08:53:50 -0600 received badge  Notable Question (source)
2017-05-05 05:15:47 -0600 answered a question Slowness issue in Fedora on Raspberry Pi 3

I've installed F25 Server on my Raspberry 3b too. It's running 4.10.13-200.fc25.armv7hl and it is still terribly slow. Fortunately I got rid of annoyng "i2c" messages of 4.8 kernel but I hoped last one will be faster. Quick look at nmon revealed that SD card (Class 10 as well) is 99% busy handling io performed by systemd. And traffic is around 64k /s So yes, the problem still exists. Did you managed to solve it ? - I'm asking since your post is already couple of months old :-)

2016-06-08 04:42:58 -0600 received badge  Teacher (source)
2016-06-07 02:53:13 -0600 answered a question Unable to switch to console with NVIDIA drivers and kernel 4.5.5-201.fc23.x86_64

It looks like "it's a feature, not a bug" :-P. I have the same behavior on 4.4.X. I've found your post while investigating future problems with rpmfusion's nvidia driver. Because of that, I'm always in doubt if I should update to new kernel as ssoon as it hits the repos. I assume in your case, the driver compiled ok?

BTW, try Ctrl+Alt+F3 instead. Your console should be there.

2015-03-01 22:55:04 -0600 received badge  Popular Question (source)