Fedora28 systemd-logind crashing with NIS / ypbind

So, yes, I run NIS on a few hosts, because it's still the easiest way to setup some account info in a small network. I'm I dinosaur, what can I say. After I upgraded to Fedora28, I noticed a significant delay when ssh'ing into these boxes. Of course, the problem is with systemd, which now also decides it needs to own logind... And it hangs in a way that it has to be killed via a watchdong. In my logs, I would see e.g.

Jul 16 23:43:51 x kernel: audit: type=1701 audit(y): auid=z uid=0 gid=0 ses=q pid=4025 comm="systemd-logind" exe="/usr/lib/systemd/systemd-logind" sig=6 res=1
Jul 16 23:43:51 x systemd[1]: Started Process Core Dump (PID 4248/UID 0).
Jul 16 23:43:51 x audit[1]: SERVICE_START pid=1 uid=0 auid=x ses=y msg='unit=systemd-coredump@3-4248-0 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
Jul 16 23:43:51 x kernel: audit: type=1130 audit(x: pid=1 uid=0 auid=y ses=z msg='unit=systemd-coredump@3-4248-0 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
Jul 16 23:43:52 x audit[1]: SERVICE_STOP pid=1 uid=0 auid=x ses=y msg='unit=systemd-logind comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed'
Jul 16 23:43:52 x systemd[1]: systemd-logind.service: Main process exited, code=dumped, status=6/ABRT
Jul 16 23:43:52 x systemd[1]: systemd-logind.service: Failed with result 'watchdog'.
Jul 16 23:43:52 x systemd[1]: systemd-logind.service: Service has no hold-off time, scheduling restart.
Jul 16 23:43:52 x systemd[1]: systemd-logind.service: Scheduled restart job, restart counter is at 4.
Jul 16 23:43:52 x systemd[1]: Stopped Login Service.
Jul 16 23:43:52 x systemd[1]: Starting Login Service... 

The solution to this, other than trying to get rid of systemd-logind itself (which might, or might not, be doable), is to edit the two files /etc/pam.d/password-auth and /etc/pam.d/system-auth, and comment out the following (supposedly optional) line:

-session    optional                           

There's also a Bugzilla issue which I think tracks this issue.


RPi, Fedora 28, and resizing the image

Finally, Fedora 28 supports the RPi 3B+, with a functional 64-bit image! However, I had an issue with resizing the root (/) file system. THe instructions on their site did not work as documented, after running gparted on the image, the / volume was still small. I ended up running the following, as root, on the running system, and it worked fine:

$ lvextend -l +100%FREE -r /dev/fedora/root

I had of course alread run gparted which resized the PV pool, but I suspect you could do that too with 

$ pvresize /dev/mmcblk0p3


pfSense system upgrade failure

I was having issues with the upgrades to my pfSense box, where the UI just said "Unable to check for updates":

I logged in to the box, and tried

[2.3.4-RELEASE][]/root: pkg update
Shared object "" not found, required by "pkg"


Yeh, no good. Poking around a bit, I did the following, which seems to have resolved the issue:

[2.3.4-RELEASE][admin@yggdrasil]/root: pkg-static update -f
[2.3.4-RELEASE][admin@yggdrasil]/root: pkg-static upgrade -f


Why the UI isn't using the statically compiled "pkg" binary is unknown (i.e. a mystery, i.e. likely a bug :-).

Picade and audio

A while ago, Peter and I built a RPi based Picade box. It was a lot of fun! We had some issues with sound though, with a lot of static and clicking noises. After some digging, I ended up with the following configurations:

# Enable audio (loads snd_bcm2835)
# Try to fix sound

I'm not sure exactly which ones are absolutely necessary, but the above works well for us.


Shrinking VirtualBox VDI's

This is nothing new, but I'm adding this here for myself, so I can find it again. Once in a while, dynamically allocated VDI's in VirtualBox will grow a lot more than what the guest OS reports as being used. When this happen, you can recover some space on the host system, doing the following.

First, in the guest OS, you can do one of the following:

mount -o remount,ro /dev/sda1
zerofree -v /dev/sda1

However, I could not get that to work, for some reason, it just said that it couldn't open the device. So, the second thing to do, which is what I do, is

sudo dd if=/dev/zero of=/bigemptyfile bs=4096k
sudo rm -rf /bigemptyfile
These commands will allow the VirtualBox command to recognize the zero-filled blocks that should be recovered:
VBoxManage modifyhd ~/VirtualBox/Linux/linux.vdi --compact

The commands varies slightly depending on the host OS, the above is on my Mac.

Slow emacs startup on CentOS7 under VirtualBox

I use VirtualBox for most of my development efforts on my macBook. I recently had to reinstall CentOS7 on this new machine, and was noticing a 10s (2x 5s) delay on startup times for Emacs. Doing an strace -tt on the Emacs binary, I noticed it would timeout on trying to lookup its own hostname. I'm not sure why, but this timesout on the DNS lookups were annoying the hell out of me. The solution was to add the local hostname (set in /etc/hostname) to the entry in /etc/hosts.


gzip vs Brotli compression

I enabled Brotli on one of the sites that I run ( and I examined the logs (about 200,000 log entries so far), and comparing the sizes for each URL that gets both Brotli and gzip. I summarized by content type, and see 5-10% smaller objects with Brotli.

application/javascript  -6.42%
text/css               -10.05%
text/plain              -4.64%
text/html               -8.44%

High Sierra and local TimeMachine backups

I was wondering where some of my disk space was going, and realized that macOS HighSierra will make local TimeMachine backups as needed, and while disk space is available. This might be cool in some cases, and you can see (and delete) these snapshots with 

$ tmutil listlocalsnapshotdates /Volumes/

$ tmutil deletelocalsnapshots 2017-11-29-134430

Another alternative is to use the thinlocalsnapshots option

$ tmutil thinlocalsnapshots /Volumes/

However, that didn't do anything on my box. Instead, I just looped over all of the snapshots, and nuked them all:

for snap in $(tmutil listlocalsnapshotdates /Volumes/; do
    tmutil deletelocalsnapshots $snap

TCP Fast Open

i've been fiddling with TFO lately, and my BFF Randall found this excellent article on the topic. Well worth a read! Doing some tests, for small requests / responses, you can make resonse times quite noircably faster!

Note: On my modern linux kernel, the command to get the TFO metrics out of netstat is not correct. It should be

$ grep "^TcpExt:" /proc/net/netstat | cut -d " " -f 91-96  | column -t




Subscribe to RSS - blogs