udev slowness and selinux
Stephen Smalley
sds at tycho.nsa.gov
Fri Dec 2 19:17:16 UTC 2005
On Thu, 2005-12-01 at 09:03 -0600, Jason Dravet wrote:
> There has been some discussion on fedora-selinux-list about udev being
> slowed by selinux. One of the comments about the slowest is the number of
> nodes in /dev. Decrease the number of nodes in /dev and booting would be
> faster. I checked my /dev directory and I think I have found some nodes
> that are redundant. I have 32 ttySXX nodes in /dev. Please correct me if I
> am wrong but ttyS is usually used for serial ports. On my system I have two
> serial ports, both of which are disabled in the bios. I removed my modem
> when I switched to DSL, so shouldn't there be 0 ttyS nodes? There are 64
> ttyXX nodes. Aren't these the virtual terminals I use to login locally? If
> so shouldn't there only be 7 (Ctrl-F1 through Ctrl-F7)?
>
> The selinux-list group is looking into the issue, but I thought maybe until
> a fix is available this is something that could be looked into. I could be
> wrong and all of these nodes could be needed, but is so what are they used
> for?
It isn't the number of nodes in /dev; it is the number of entries in
file_contexts. And the slowdown should be improved/eliminated with
recent changes in libselinux (1.27.28); let us know if it isn't. There
are two changes in libselinux, one of which will have immediate benefit
without requiring any changes to udev, and the other of which requires a
small change to udev to take advantage of.
--
Stephen Smalley
National Security Agency
More information about the fedora-devel-list
mailing list