
On my Fedora system with SELinux's unconfined module disabled (so, basically SELinux is in extra strict mode) I keep getting this:

Feb 16 23:20:11 stodi.digitalkingdom.org systemd[2227]: Failed to open /dev/mapper/mydev device, ignoring: Permission denied

The device in question is a per-user encrypted device. I'm sure the issue with perms is SELinux and I can figure that out myself; my question is, why does systemd try to poke at this device, uh, [checks] 26 times a day or so? Like what is it even doing poking at that device? How can I make it stop? I don't want it to poke that device at all.

ADDED 1: How often this happens appears to have varied substantially over time; that "26" number was from a random day recently, but yesterday it happened 8834 times. -_-; It seems to have happened about every 5 minutes most of the day, and each time it happens it happens ~20 times.

I now know why it happens a bunch of times at once, though: it's the user-level systemd processes. When I look at the PID listed in the error over time there's a bunch of singletons but most of them are from a limited set of PIDs which:

rlpowell@stodi> for num in 2195 2196 2197 2199 2200 2201 2202 2204 2205 2206 2207 2209 2210 2221 2222 2224 2225 2226 2227 2366
do
ps afux | grep '[ ]'$num'[ ]'
done
1000        2195  0.0  0.0 262436 10192 ?        Ss    2024  11:41 /usr/lib/systemd/systemd --user
1001        2196  0.0  0.0 264192  7528 ?        Ss    2024   4:45 /usr/lib/systemd/systemd --user
1009        2197  0.0  0.0 262288  6256 ?        Ss    2024   4:38 /usr/lib/systemd/systemd --user
1027        2199  0.0  0.0 263348  6292 ?        Ss    2024   4:51 /usr/lib/systemd/systemd --user
1039        2200  0.0  0.0 262340  7012 ?        Ss    2024   4:47 /usr/lib/systemd/systemd --user
1048        2201  0.0  0.0 262476  7504 ?        Ss    2024   4:53 /usr/lib/systemd/systemd --user
1049        2202  0.0  0.0 263872  6676 ?        Ss    2024   4:42 /usr/lib/systemd/systemd --user
1052        2204  0.0  0.0 261156  8200 ?        Ss    2024   4:39 /usr/lib/systemd/systemd --user
1065        2205  0.0  0.0 261304  6708 ?        Ss    2024   4:37 /usr/lib/systemd/systemd --user
1072        2206  0.0  0.0 260208 12356 ?        Ss    2024   4:34 /usr/lib/systemd/systemd --user
1077        2207  0.0  0.0 262028  6692 ?        Ss    2024   4:35 /usr/lib/systemd/systemd --user
1079        2209  0.0  0.0 262452  7180 ?        Ss    2024   4:43 /usr/lib/systemd/systemd --user
1093        2210  0.0  0.0 263056  9808 ?        Ss    2024   4:48 /usr/lib/systemd/systemd --user
1095        2221  0.0  0.0 265264 10000 ?        Ss    2024   4:57 /usr/lib/systemd/systemd --user
1096        2222  0.0  0.0 263776 10300 ?        Ss    2024   4:43 /usr/lib/systemd/systemd --user
1099        2224  0.0  0.0 263216  9912 ?        Ss    2024   5:03 /usr/lib/systemd/systemd --user
1101        2225  0.0  0.0 262152  7276 ?        Ss    2024   4:38 /usr/lib/systemd/systemd --user
1102        2226  0.0  0.0 263332  8828 ?        Ss    2024   4:48 /usr/lib/systemd/systemd --user
1104        2227  0.0  0.0 263840 10340 ?        Ss    2024  12:38 /usr/lib/systemd/systemd --user
1055        2366  0.0  0.0 260596  6828 ?        Ss    2024   5:05 /usr/lib/systemd/systemd --user

(Fun fact! You can get ps to show UID (first column) instead of username by just temporarily deleting everything in /etc/passwd :D )

So every user systemd, which I have turned on for all users so people can have their own services, is trying to touch this device, and failing with permission denied because yes absolutely they're not allowed to do that.

I still have no idea why.

ADDED 2: Yeah, so, this is on a user that isn't the user whose encrypted device it is, from systemctl list-units --user plus some editing; /home/tmp/mydev is the file the device is mounted from:

  dev-disk-by\x2did-dm\x2dname\x2dmydev.device                                             loaded    active     plugged   /dev/disk/by-id/dm-name-mydev
  dev-disk-by\x2dloop\x2dref-\x5cx2fhome\x5cx2ftmp\x5cx2fmydev.fs.device                   loaded    active     plugged   /dev/disk/by-loop-ref/\x2fhome\x2ftmp\x2fmydev.fs
● dev-mapper-mydev.device                                                                  loaded    activating tentative /dev/mapper/mydev
  home-tmp-mydev.mount                                                                     loaded    active     mounted   /home/tmp/mydev
● [email protected]                                                         not-found inactive   dead      [email protected]

I bet it's something cryptmount is doing.

ADDED 3: strace of cryptmount shows nothing interesting except a call to udev control. It doesn't appear to be udev, though, because after completely removing all udev rules temporarily I still have:

● dev-mapper-mydev.device                       loaded    activating tentative /dev/mapper/mydev
  home-tmp-mydev.mount                          loaded    active     mounted   /home/tmp/mydev
● [email protected]              not-found inactive   dead      [email protected]

, and I suspect it's the first one that's the problem.

So something deep in systemd, I guess? Not really closer to a resolution.
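Added example, not part of the original question: the per-PID and per-burst tally described under ADDED 1, run over journal text. The sample lines, the host name `host.example` and the function names are constructed for illustration; only the message format and `/dev/mapper/mydev` come from the post.

```shell
# Constructed sample input, modelled on the log line quoted in the question.
sample_log() {
cat <<'EOF'
Feb 16 23:20:11 host.example systemd[2227]: Failed to open /dev/mapper/mydev device, ignoring: Permission denied
Feb 16 23:20:11 host.example systemd[2195]: Failed to open /dev/mapper/mydev device, ignoring: Permission denied
Feb 16 23:20:12 host.example systemd[2227]: Failed to open /dev/mapper/mydev device, ignoring: Permission denied
Feb 16 23:25:14 host.example systemd[2195]: Failed to open /dev/mapper/mydev device, ignoring: Permission denied
Feb 16 23:25:14 host.example sshd[4410]: Accepted publickey for user (unrelated line)
Feb 16 23:25:15 host.example systemd[2227]: Failed to open /dev/mapper/mydev device, ignoring: Permission denied
EOF
}

# failures_by_pid DEVICE: journal text on stdin, prints "PID COUNT" per systemd PID.
failures_by_pid() {
    awk -v dev="$1" '
        index($0, "Failed to open " dev " device") && match($0, /systemd\[[0-9]+\]/) {
            # "systemd[" is 8 characters; strip it and the closing bracket.
            pid = substr($0, RSTART + 8, RLENGTH - 9)
            n[pid]++
        }
        END { for (p in n) print p, n[p] }' | sort -n
}

# failures_by_minute DEVICE: prints "HH:MM COUNT" so bursts and their spacing stand out.
failures_by_minute() {
    awk -v dev="$1" '
        index($0, "Failed to open " dev " device") { m[substr($3, 1, 5)]++ }
        END { for (t in m) print t, m[t] }' | sort
}

# uid_of_pid PID: numeric UID that owns the process (procps "ps -o uid=").
uid_of_pid() {
    ps -o uid= -p "$1" | tr -d ' '
}

# Stand-alone run on the constructed sample. On a live system, feed the
# journal instead, e.g.: journalctl -b | failures_by_pid /dev/mapper/mydev
sample_log | failures_by_pid /dev/mapper/mydev
sample_log | failures_by_minute /dev/mapper/mydev
```

Piping each PID from `failures_by_pid` into `uid_of_pid` shows which user's `systemd --user` instance produced the denials.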
