Linux

Linux stuff

Fedora28 systemd-logind crashing with NIS / ypbind

So, yes, I run NIS on a few hosts, because it's still the easiest way to setup some account info in a small network. I'm I dinosaur, what can I say. After I upgraded to Fedora28, I noticed a significant delay when ssh'ing into these boxes. Of course, the problem is with systemd, which now also decides it needs to own logind... And it hangs in a way that it has to be killed via a watchdong. In my logs, I would see e.g.

Jul 16 23:43:51 x kernel: audit: type=1701 audit(y): auid=z uid=0 gid=0 ses=q pid=4025 comm="systemd-logind" exe="/usr/lib/systemd/systemd-logind" sig=6 res=1
Jul 16 23:43:51 x systemd[1]: Started Process Core Dump (PID 4248/UID 0).
Jul 16 23:43:51 x audit[1]: SERVICE_START pid=1 uid=0 auid=x ses=y msg='unit=systemd-coredump@3-4248-0 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
Jul 16 23:43:51 x kernel: audit: type=1130 audit(x: pid=1 uid=0 auid=y ses=z msg='unit=systemd-coredump@3-4248-0 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
Jul 16 23:43:52 x audit[1]: SERVICE_STOP pid=1 uid=0 auid=x ses=y msg='unit=systemd-logind comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed'
Jul 16 23:43:52 x systemd[1]: systemd-logind.service: Main process exited, code=dumped, status=6/ABRT
Jul 16 23:43:52 x systemd[1]: systemd-logind.service: Failed with result 'watchdog'.
Jul 16 23:43:52 x systemd[1]: systemd-logind.service: Service has no hold-off time, scheduling restart.
Jul 16 23:43:52 x systemd[1]: systemd-logind.service: Scheduled restart job, restart counter is at 4.
Jul 16 23:43:52 x systemd[1]: Stopped Login Service.
Jul 16 23:43:52 x systemd[1]: Starting Login Service... 

The solution to this, other than trying to get rid of systemd-logind itself (which might, or might not, be doable), is to edit the two files /etc/pam.d/password-auth and /etc/pam.d/system-auth, and comment out the following (supposedly optional) line:

-session    optional                                     pam_systemd.so

There's also a Bugzilla issue which I think tracks this issue.

Hacking: 

RPi, Fedora 28, and resizing the image

Finally, Fedora 28 supports the RPi 3B+, with a functional 64-bit image! However, I had an issue with resizing the root (/) file system. THe instructions on their site did not work as documented, after running gparted on the image, the / volume was still small. I ended up running the following, as root, on the running system, and it worked fine:

$ lvextend -l +100%FREE -r /dev/fedora/root

I had of course alread run gparted which resized the PV pool, but I suspect you could do that too with 

$ pvresize /dev/mmcblk0p3

Hacking: 

Picade and audio

A while ago, Peter and I built a RPi based Picade box. It was a lot of fun! We had some issues with sound though, with a lot of static and clicking noises. After some digging, I ended up with the following configurations:

# Enable audio (loads snd_bcm2835)
dtparam=audio=on
overscan_scale=1
# Try to fix sound
disable_audio_dither=1
audio_pwm_mode=2
hdmi_drive=2

I'm not sure exactly which ones are absolutely necessary, but the above works well for us.

Hacking: 

Slow emacs startup on CentOS7 under VirtualBox

I use VirtualBox for most of my development efforts on my macBook. I recently had to reinstall CentOS7 on this new machine, and was noticing a 10s (2x 5s) delay on startup times for Emacs. Doing an strace -tt on the Emacs binary, I noticed it would timeout on trying to lookup its own hostname. I'm not sure why, but this timesout on the DNS lookups were annoying the hell out of me. The solution was to add the local hostname (set in /etc/hostname) to the 127.0.0.1 entry in /etc/hosts.

Hacking: 

TCP Fast Open

i've been fiddling with TFO lately, and my BFF Randall found this excellent article on the topic. Well worth a read! Doing some tests, for small requests / responses, you can make resonse times quite noircably faster!

Note: On my modern linux kernel, the command to get the TFO metrics out of netstat is not correct. It should be

$ grep "^TcpExt:" /proc/net/netstat | cut -d " " -f 91-96  | column -t

 

Hacking: 

Comparing RPM packages between two systems

I needed to sync two different Fedora boxes, such that they have similar (but not identical) packages installed. This turns out to be fairly straight forward with some basic command line utilities. First, create a list of all packages on each machine, with something like

$ rpm -qa --queryformat='%{NAME}\n' | sort > machine-1.txt
$ rpm -qa --queryformat='%{NAME}\n' | sort > machine-2.txt

​Then, using the -f option to grep, you can see what's missing from each system. E.g.

$ grep -v -f machine-1.txt machine-2.txt

Hacking: 

Swapping CAPS lock and CTRL on Raspbian

I was fiddling with one of my (new) RPi's, and realized there was no UI component to switch the CAPS lock to be CTRL. Really? So, found a couple of things that has to be modified:

First, I edited /etc/default/keyboard, adding

XKBOPTIONS="terminate:ctrl_alt_bksp,ctrl:nocaps"

​​Secondly, I modified my ~/.config/lxkeymap.cfg, adding

option = ctrl:swapcaps

​Boom!

Hacking: 

Fedora 24 issues on VirtualBox

As of some recent upgrades to my F24 VM (running under VirtualBox), my system would not boot properly any more, getting errors like

NMI watchdog: BUG: soft lockup - CPU#0 stuck

 

I couldn't find any details as to why this was, other than someone having similar issues with a bad GPU card (not under a VM). I checked my display settings for the VM, which had the minimum recommended setting of 21MB. This ought to have been plenty, since I run my Linux system in a head-less mode (no display etc.). However, Linux must have changed something, cause this no longer worked, but bumping the GPU memory to 32MB seems to have fixed it. Bizarre.

Hacking: 

firewalld and network interfaces

I have to say, firewalld and firewalld-cmd really sucks. But, since it's the default on a bunch of installations I use, and I try to "drink the koolaid", I've had the misfortune to try to set it up. Now, it mostly works, except when it doesn't, and then it really fails hard. Case in point, I wanted to reassign some network interfaces to a different zone, and naïvely thought that e.g. this would work:

$ sudo firewall-cmd --permanent --zone=public --remove-interface=eth2
$ sudo firewall-cmd --permanent --zone=internal --add-interface=eth2

 

Yeah, not so much ... What does instead work is adding lines like this to /etc/sysconfig/network-scripts/ifcfg-eth2:

ZONE=internal

WTF?

Hacking: 

Pages

Subscribe to RSS - Linux