I’m using tumbleweed on two machines for some times now.
I’ve got some quirks and I would like to publicize them so other doesn’t encounter them ^^’
I’m not to sure where and how I must report. Is it better to create abugreport and they’ll be manage later, or to take contact with a mailing list or a specific team first or just do nothing ?
The bugs/quirk I do have
→ a kernel bug in my net/r8169 where crosstimetamping is activated but not supported by my hardware (and it breaks linuxptp) : → bugreport to opensuse ou asking for the kernel (upstream) maintener of this module ?
I’ve never really done kernel debugging.
→ a bug where the selinux relabel generator doesn’t work when snapperd is used on other partition than root.
I’ve done a workaround, but it will work only for my specific use case.
(And why launching an relabeling at each update ? It’s sooooo long, and will not be usable in big, nas system).
→ some selinux policy adaptation with libvirt and so on.
The hardware/kernel bug (I will take contact with the upstream maintener sometimes later):
with an ethernet controller ‘Realtek Semiconductor Co., Ltd. RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller (rev 15)’ / Subsystem: Realtek Semiconductor Co., Ltd. Device 0123 / Interrupt: pin A routed to IRQ 18
install linuxptp
set the clock time on the ptp device
phc2sys -s CLOCK_REALTIME -c /dev/ptp0 -O 0 -m
(wait a little then hit ctrl+c)
verify that the clock is (no bug) or not synchronized with clock_realtime
phc_ctl /dev/ptp0 cmp
The snapper/ bug:
On a micro-os install, with selinux activated
Add a snapper configuration for a btrfs filesystem, in my case /srv, but could be /home (following this tutorial for example : openSUSE:Snapper Tutorial - openSUSE Wiki )
Create at least one snapshot
make a kernel update with transactionnal-update, then reboot
le selinux-relabel generator will try to relabel de /srv/.snapshot , which is R/O and then stop and prevent any more booting. (I will open a bugreport for this one the next week.)
Workaround: create an override of the -relabel.service, and exclude the “.snapshots” from the restorecon
The real question is how to make it generic enough and working OOTB. For a start, anyone is free to create read-only subvolume anywhere, it must not be called .snapshots.
I bet if you mount normal (not btrfs) filesystem read-only you will get the same problem.
One : I just used the tools , OOTB and following the tutorial, and finish with a not-bootable machine ^^'.
Second: The solution is easy enough. As I’ve specified, these systemd units are from a generator. When the generator (/usr/lib/systemd/system-generators/selinux-autorelabel-generator ) create the root unit, it specify correctly to exclude the relabelin (add option -x at line 67)
When it generate the units for the other FS, it doesn’t add the exclude.
From this multiples correction could be made
1°) Add -e ${realdir}/.snapshots to line 43 of this file.
2°) doesn’t hardcode “realdir” list (line 20) but extract fs list, remove all .snapshot, and always add “-x”
In addition, I suspect another bug if there are space inside the path of a FS. Using quotes around “${realdir}” will be advised.
The other true correction will be to not need a relabel after each reboot ^^’
(But it’s happy that this generator is a script and not a binary, as the other systemd generator…)