| Anonymous | Login | Signup for a new account | 2010-02-09 05:22 UTC |
| Main | My View | View Issues | Roadmap | Docs |
| Viewing Issue Simple Details [ Jump to Notes ] | [ View Advanced ] [ Issue History ] [ Print ] | |||||||||||
| ID | Category | Severity | Reproducibility | Date Submitted | Last Update | |||||||
| 0001981 | [CentOS-5] anaconda | major | have not tried | 2007-04-26 03:47 | 2007-04-27 10:58 | |||||||
| Reporter | backes | View Status | public | |||||||||
| Assigned To | ||||||||||||
| Priority | normal | Resolution | not fixable | |||||||||
| Status | assigned | Product Version | 5.0 - x86_64 | |||||||||
| Summary | 0001981: During update centos-4.4->centos-5 a lot of time is spent during updating selinux and others | |||||||||||
| Description |
I updated one of my servers from centos-4.4 to centos-5. During the installation, the installer spent a very,very long time during updating the selinux components: despite my server is a very fast one (16 Gig mem, 8 Operon CPU's, SATA drives) for about 1/2 hour there was the program "restorecon" running (during selinux updating). A similar behaviour I saw at the update end (before the MBR is written): the same behaviour with a running "install" command. After all, the system was updated correctly. |
|||||||||||
| Additional Information | ||||||||||||
| Tags | No tags attached. | |||||||||||
| Attached Files | ||||||||||||
|
|
||||||||||||
 Relationships |
||||||
|
||||||
|
Notes |
|
|
(0004965) range (administrator) 2007-04-26 04:58 |
Where do you see the "bug"? |
|
(0004966) backes (reporter) 2007-04-26 05:32 |
Running a "top" command on the console during update (CtrlAlt F2) |
|
(0004967) danieldk (developer) 2007-04-26 07:52 edited on: 2007-04-26 08:01 |
Since the SELinux policy has changed a lot from 4.4 to 5, the whole filesystem needs to be relabled. Since this requires at least a stat() and getxattr() call for virtually every file, this can take a lot of time. The restorecon part doesn't sound like a bug to me. |
|
(0004968) danieldk (developer) 2007-04-26 08:03 |
"A similar behaviour I saw at the update end (before the MBR is written): the same behaviour with a running "install" command." Could this be "grub-install"? grub-install can take a long time when scanning for drives if there is no floppy drive, or some problem with the floppy drive. So, I guess that makes two questions: - Did "grub-install" take a lot of time? - Does the machine have a floppy drive? |
|
(0004969) backes (reporter) 2007-04-26 08:09 |
My answer to your questions: - Did "grub-install" take a lot of time? No, it was a programm called "install" (I had a running "top") - Does the machine have a floppy drive? No, it does not have! |
|
(0004972) smooge (developer) 2007-04-26 13:57 |
I do not think that this is a bug. Restorecon will take a very long time relabeling all the files... it is the equivalent of doing an rpm --setperms or rpm --setugids. To avoid it, one would need to not use selinux before/during/after upgrading to 5.0 |
|
(0004973) backes (reporter) 2007-04-27 04:21 |
I had selinux disabled (before and after the update), as you see in /etc/selinux/config: # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - SELinux is fully disabled. SELINUX=disabled # SELINUXTYPE= type of policy in use. Possible values are: # targeted - Only targeted network daemons are protected. # strict - Full SELinux protection. SELINUXTYPE=targeted # SETLOCALDEFS= Check local definition changes SETLOCALDEFS=0 Why then the restorecon runs? |
|
(0004974) range (administrator) 2007-04-27 04:25 |
Yes, but the installation probably booted with SELinux enabled. I still fail to see the "bug" here. And I'm still not sure what you mean by the "install" process. I also think it probably was grub-install balking out on the non existent floppy - this information can be found on virtual consoles 3, 4 or 5 during the installation process (console 2 is the shell) |
|
(0004975) backes (reporter) 2007-04-27 04:35 |
Well, I accept your SElinux argument. But I'm sure, if I run top during the last upgrade phase, the top cmd showed for a lot of minutes a program called "install", and not "grub-install". You can close the call. Thanks for your explanations. |
|
(0004987) smooge (developer) 2007-04-27 10:57 |
Thanks for letting us know about this 'feature'. I think I can see what the problem is.. since you run normally without SELINUX and CentOS-5 update does run with SELINUX... it had to go through and label all the files that had 'lost' or had wrong labels. We will need to add to future release notes that people upgrading without selinux may want to boot anaconda with selinux=0 at the boot prompt. |
|
(0004988) smooge (developer) 2007-04-27 10:58 |
Closing to Not Fixable as it is a 'Feature' :). Will add to release notes/gotchas. Thanks again for the time you put into tracking this. |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2007-04-26 03:47 | backes | New Issue | |
| 2007-04-26 03:47 | backes | Status | new => assigned |
| 2007-04-26 03:47 | backes | Assigned To | => kbsingh@karan.org |
| 2007-04-26 04:57 | range | Relationship added | has duplicate 0001984 |
| 2007-04-26 04:58 | range | Note Added: 0004965 | |
| 2007-04-26 05:32 | backes | Note Added: 0004966 | |
| 2007-04-26 07:52 | danieldk | Note Added: 0004967 | |
| 2007-04-26 08:01 | danieldk | Note Edited: 0004967 | |
| 2007-04-26 08:03 | danieldk | Note Added: 0004968 | |
| 2007-04-26 08:09 | backes | Note Added: 0004969 | |
| 2007-04-26 13:57 | smooge | Note Added: 0004972 | |
| 2007-04-27 04:21 | backes | Note Added: 0004973 | |
| 2007-04-27 04:25 | range | Note Added: 0004974 | |
| 2007-04-27 04:35 | backes | Note Added: 0004975 | |
| 2007-04-27 10:57 | smooge | Note Added: 0004987 | |
| 2007-04-27 10:58 | smooge | Note Added: 0004988 | |
| 2007-04-27 10:58 | smooge | Resolution | open => not fixable |
| Copyright © 2000 - 2009 Mantis Group |  |
