search

evilsocket / opensnitch

OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.
GNU General Public License v3.0
9.88k stars 490 forks source link

Set proccess monitor method to eBPF and reboot, then login it take about 3min to load xfce desktop. #841

Closed hamedsbt closed 1 year ago

hamedsbt commented 1 year ago

I have installed opensnitch 1.6.0-rc4 when I set proccess monitor method to: eBPF and reboot, after login it take about 3min to load xfce desktop.

I have installed opensnitch 1.6.0-rc4 and opensnitch-ebpf-module-git then set proccess monitor method to: eBPF and reboot, after login it take about 3min to load xfce desktop. Also I have installed opensnitch 1.5.5 and opensnitch-ebpf-module 1.5.5-3 and have same issue.

$systemd-analyze time
Startup finished in 30.147s (firmware) + 6.069s (loader) + 2.562s (kernel) + 5.619s (userspace) = 44.399s 
graphical.target reached after 5.619s in userspace.

$systemctl status opensnitchd.service
* opensnitchd.service - OpenSnitch is a GNU/Linux application firewall.
     Loaded: loaded (/usr/lib/systemd/system/opensnitchd.service; enabled; preset: disabled)
     Active: active (running) since Thu 2023-02-09 10:47:44 +0330; 1min ago

My workaround: 1) disable opensnitch (to fix 3min to load xfce desktop) 2) reboot 3) run opensnitch-ui before start service (because if start service first then run opensnitch-ui, the opensnitch-ui does not connect to service) 4) manually start service (systemctl start opensnitchd.service)

gustavo-iniguez-goya commented 1 year ago

Hi @hamedsbt ,

You'll probably need to allow dirmngr, xbrlapi or some other system component: https://github.com/evilsocket/opensnitch/wiki/Getting-started#notes-

Do the following please:

  1. empty /var/log/opensnitchd.log:

truncate -s0 /var/log/opensnitchd.log

  1. reboot
  2. post the log /var/log/opensnitchd.log
hamedsbt commented 1 year ago

Thank you for reply, /var/log/opensnitchd.log:

[2023-02-09 12:17:44]  WAR  Error while pinging UI service: rpc error: code = DeadlineExceeded desc = Deadline Exceeded, state: READY
[2023-02-09 12:17:46]  WAR  Error while pinging UI service: rpc error: code = DeadlineExceeded desc = context deadline exceeded, state: READY
[2023-02-09 12:17:48]  WAR  Error while pinging UI service: rpc error: code = DeadlineExceeded desc = context deadline exceeded, state: READY
[2023-02-09 12:17:50]  WAR  Error while pinging UI service: rpc error: code = Unavailable desc = transport is closing, state: READY
[2023-02-09 12:17:50]  ERR  getting notifications: rpc error: code = Unavailable desc = transport is closing <nil>

[2023-02-09 12:17:50]  IMP  Got signal: terminated
[2023-02-09 12:18:24]  IMP  Start writing logs to /var/log/opensnitchd.log
[2023-02-09 12:18:40]  WAR  nfables filter rules not loaded: 1
[2023-02-09 12:18:40]  IMP  nftables firewall rules changed, reloading
[2023-02-09 12:18:41]  ERR  [-1] FindProcess() error: Unable to get process information
gustavo-iniguez-goya commented 1 year ago

OS: archlinux

Sorry, I didn't realize that you were using Arch. Until this issue #833 is fixed I cannot analyze any issues affecting that version, because we need a version that is not faulty.