Package: policycoreutils
Version: 1.32-1
Severity: normal
Hi,
It's been nearly 3 hours that I started upgrading
selinux-policy-refpolicy-targeted from version 0.0.20061018-1 to
version 0.0.20061018-2. I first thought this was an infinite loop, but
strace showed some read()s here and there, and finally some open()s of
files like /usr/share/selinux/refpolicy-targeted/openca.pp,
/usr/share/selinux/refpolicy-targeted/audioentropy.pp. It was a long
while until I saw the first open(), so presumably the process was hung
for a very long time on the file where I started stracing.
I don't know whether it's possible to speed up the process, it would
probably the best solution, but otherwise an alternate solution must be
found for ARM machines like this (and I'm running on a very fast ARM:
500 MHz):
- pre-generate the data
- disable this step on ARM by default
I'm filing this against policycoreutils which ships semodule_deps which
I believe is the culprit. It seems to be reading and processing data
at a very slow rate:
18:13:30 open("/usr/share/selinux/refpolicy-targeted/ddcprobe.pp", O_RDONLY) = 3
18:13:30 fstat64(3, {st_mode=S_IFREG|0644, st_size=41811, ...}) = 0
18:13:30 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
0) = 0x40016000
18:13:30 read(3, "\217\377|\371\1\0\0\0\2\0\0\0\24\0\0\0\261}\0\0\215\377"...,
4096) = 4096
18:13:30 _llseek(3, 0, [4096], SEEK_CUR) = 0
18:13:30 fstat64(3, {st_mode=S_IFREG|0644, st_size=41811, ...}) = 0
18:13:30 _llseek(3, 40960, [40960], SEEK_SET) = 0
18:13:30 read(3, "kets.\n# \n\n\n#\n# Permissions for u"..., 4096) = 851
18:13:30 _llseek(3, 0, [0], SEEK_SET) = 0
18:13:30 read(3, "\217\377|\371\1\0\0\0\2\0\0\0\24\0\0\0\261}\0\0\215\377"...,
4096) = 4096
18:13:30 _llseek(3, 4096, [4096], SEEK_SET) = 0
18:13:30 _llseek(3, 4096, [4096], SEEK_SET) = 0
18:13:35 read(3, "otaon\6\0\0\0\17\0\0\0swapon\4\0\0\0\0\0\0\0\22\0\0\0\7"...,
4096) = 4096
18:13:41 read(3, "\0\2\0\0\0read\6\0\0\0\r\0\0\0rename\4\0\0\0\7\0\0\0l"...,
4096) = 4096
18:13:46 read(3, "send_msg\7\0\0\0\5\0\0\0getattr\7\0\0\0\6\0\0\0s"..., 4096) =
4096
18:13:54 read(3, "@[EMAIL PROTECTED]"..., 4096) = 4096
18:14:03 read(3, "[EMAIL PROTECTED]"..., 4096) = 4096
18:14:11 read(3, "@[EMAIL PROTECTED]@\0\0"..., 4096) = 4096
(that's 4K / 8s, /usr/share/selinux/refpolicy-targeted is 16 MB, so
it's looking like it will take some 10 hours.)
Bye,
-- System Information:
Debian Release: 4.0
APT prefers testing
APT policy: (500, 'testing')
Architecture: arm (armv5tel)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-3-iop32x
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Versions of packages policycoreutils depends on:
ii libc6 2.3.6.ds1-8 GNU C Library: Shared libraries
ii libpam0g 0.79-4 Pluggable Authentication Modules l
ii libselinux1 1.32-3 SELinux shared libraries
ii libsemanage1 1.8-1 shared libraries used by SELinux p
ii libsepol1 1.14-1 Security Enhanced Linux policy lib
pn python <none> (no description available)
ii python-selinux 1.32-3 Python bindings to SELinux shared
ii python-semanage 1.8-1 Python bindings for SELinux polic
Versions of packages policycoreutils recommends:
pn selinux-policy-refpolicy-targ <none> (no description available)
-- no debconf information
--
Loïc Minier <[EMAIL PROTECTED]>
"You see, killbots have a preset kill limit. Knowing their weakness,
I sent wave after wave of my own men at them until they reached their
limit and shutdown." -- Zapp Brannigan
