0

I was worried that my computer could be compromised and my login session is being hijacked by some malicious hook.

In .xsession executed by xdm, I capture a pstree snapshot a file to debug this situation.

This file's timestamp shows five to fifteen second delay after X11 login!

.xsession-errors doesn't show anything weird, only that I'm being added to "access control list" and then a couple of environment entries reported by dbus-update-activation-environment with no timestamps.

dmesg during this weird pause:

r8168: eth0: link up
IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready
random: crng init done
random: 7 urandom warning(s) missed due to ratelimiting
audit: type=1400 audit(1546022714.845:26): apparmor="STATUS" [...]
bridge: filtering via arp/ip/ip6tables is no longer available [...]
Bridge firewalling registered
Initializing XFRM netlink socket
IPv6: ADDRCONF(NETDEV_UP): docker0: link is not ready
IPv6: ADDRCONF(NETDEV_UP): br-f14696ee8bfd: link is not ready

Regardless of the root cause (I suspect something demands more randomness after boot), how such problems can be debugged further?

Can I leverage systemd for example?

locu
  • 81
  • 6

1 Answers1

0

You can also look in /var/log/Xorg.0.log and search for "EE".

But there might be something going on in the system that wouldn't be reported in either of those. Try this right after you finally get logged in. The -e switch jumps to the end of the log, so start paging up looking for errors.

journalctl -e

My laptop has a problem similar to what you described, but in my case it's a known problem. I see this in the log, with the first line displayed in red. If you see something similar, you can search the bugzilla for your distro to see if it's been reported.

Jan 24 21:19:36 travel kernel: [drm:drm_atomic_helper_wait_for_flip_done [drm_kms_helper]] *ERROR* [CRTC:41:pipe B] flip_done timed out
Jan 24 21:19:37 travel kernel: ------------[ cut here ]------------
Jan 24 21:19:37 travel kernel: vblank wait timed out on crtc 1
Jan 24 21:19:37 travel kernel: WARNING: CPU: 0 PID: 740 at drivers/gpu/drm/drm_vblank.c:1084 drm_wait_one_vblank+0x161/0x170 [drm]
Jan 24 21:19:37 travel kernel: Modules linked in: xt_CHECKSUM ipt_MASQUERADE tun bridge stp llc nf_conntrack_netbios_ns ...
Jan 24 21:19:37 travel kernel:  mac80211 joydev snd_pcm i2c_i801 lpc_ich snd_timer snd soundcore cfg80211 rfkill wmi ...
Jan 24 21:19:37 travel kernel: CPU: 0 PID: 740 Comm: Xorg Tainted: G        W         4.19.13-300.fc29.x86_64 #1
Jan 24 21:19:37 travel kernel: Hardware name: Dell Inc. Inspiron 1525                   /0U990C, BIOS A13 06/27/2008
Ken Jackson
  • 307
  • 1
  • 5