Red Hat Training

A Red Hat training course is available for Red Hat Enterprise Linux

Chapter 52. Compiler and Tools

Oprofile utilities cannot collect performance data in kernel code by default

Kernel in Red Hat Enterprise Linux 7.3 changes the default value of /proc/sys/kernel/perf_event_paranoid from 1 to 2. As a consequence, collection of performance event data of code in the kernel requires root privileges. When running the occount or operf utility as a normal user, the default performance event attempts to collect data for both kernel and user code and the setup of the performance event fails because of the default perf_event_paranoid setting.
To work around this problem, change the value in /proc/sys/kernel/perf_event_paranoid to 1. If unable to do that, instead determine the default event used on the machine by running the ophelp -d command, and then explicitly change the end of the event from :1:1 to :0:1 to disable data collection in the kernel space, for example:
$ operf -e CPU_CLK_UNHALTED:100000:0:0:1 true
As a result, changing /proc/sys/kernel/perf_event_paranoid or explicitly disabling monitoring of kernel events for normal users allows collection of data, thus avoiding this issue. (BZ#1349077)

The pesign key database requires manually changing permissions to enable improved access permission controls

The pesign key database, which is used to sign UEFI binaries, now offers a more generalized method of setting database access permissions. You can now configure permissions using system-wide key databases, and means that any user or group can now be granted access.
However, a known issue in permission settings in pesign currently prevents the aforementioned new feature from working. To enable the improved access control, you must change the permissions to pesign manually:
chmod 0660 /etc/pki/pesign/*
chmod 0770 /etc/pki/pesign
After setting these permissions, the improved access control will become available. If you do not perform these steps, pesign behavior will be identical to previous releases. (BZ#1141263)