diff mbox

[ovs-dev,RFC,v0,2/4] fedora: dynamically allocate ovs user

Message ID 20170423142114.3657-3-aconole@redhat.com
State Superseded
Headers show

Commit Message

Aaron Conole April 23, 2017, 2:21 p.m. UTC 
After this commit, the fedora RPM will create the openvswitch user, from the
non-static pool, for use as an Open vSwitch user.

Signed-off-by: Aaron Conole <aconole@redhat.com>
---
 rhel/openvswitch-fedora.spec.in | 24 +++++++++++++++++++++---
 1 file changed, 21 insertions(+), 3 deletions(-)
diff mbox

Patch

diff --git a/rhel/openvswitch-fedora.spec.in b/rhel/openvswitch-fedora.spec.in
index 2d14660..0fdf229 100644
--- a/rhel/openvswitch-fedora.spec.in
+++ b/rhel/openvswitch-fedora.spec.in
@@ -91,6 +91,8 @@  Requires: openssl hostname iproute module-init-tools
 #Upstream kernel commit 4f647e0a3c37b8d5086214128614a136064110c3
 #Requires: kernel >= 3.15.0-0
 
+Requires(post): /usr/bin/getent
+Requires(post): /usr/sbin/useradd
 Requires(post): systemd-units
 Requires(preun): systemd-units
 Requires(postun): systemd-units
@@ -271,6 +273,7 @@  install -d -m 0755 $RPM_BUILD_ROOT/%{_sharedstatedir}/openvswitch
 
 touch $RPM_BUILD_ROOT%{_sysconfdir}/openvswitch/conf.db
 touch $RPM_BUILD_ROOT%{_sysconfdir}/openvswitch/system-id.conf
+touch $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/openvswitch-pre
 
 install -p -m 644 -D selinux/openvswitch-custom.pp \
         $RPM_BUILD_ROOT%{_datadir}/selinux/packages/%{name}/openvswitch-custom.pp
@@ -350,11 +353,25 @@  rm -rf $RPM_BUILD_ROOT
 %endif
 
 %post
+
 %if 0%{?systemd_post:1}
+    if [ $1 -eq 1 ]; then
+        getent passwd openvswitch >/dev/null || \
+            useradd -r -d / -s /sbin/nologin -c "openvswitch user" openvswitch
+
+        echo "OVS_USER_ID=openvswitch:openvswitch" > \
+             /etc/sysconfig/openvswitch-pre
+    fi
     %systemd_post %{name}.service
 %else
     # Package install, not upgrade
     if [ $1 -eq 1 ]; then
+        getent passwd openvswitch >/dev/null || \
+            useradd -r -d / -s /sbin/nologin -c "openvswitch user" openvswitch
+
+        echo "OVS_USER_ID=openvswitch:openvswitch" > \
+             /etc/sysconfig/openvswitch-pre
+
         /bin/systemctl daemon-reload >dev/null || :
     fi
 %endif
@@ -488,9 +505,10 @@  fi
 %defattr(-,root,root)
 %{_sysconfdir}/bash_completion.d/ovs-appctl-bashcomp.bash
 %{_sysconfdir}/bash_completion.d/ovs-vsctl-bashcomp.bash
-%dir %{_sysconfdir}/openvswitch
-%config %ghost %{_sysconfdir}/openvswitch/conf.db
-%config %ghost %{_sysconfdir}/openvswitch/system-id.conf
+%ghost %{_sysconfdir}/openvswitch
+%ghost %{_sysconfdir}/openvswitch/conf.db
+%ghost %{_sysconfdir}/openvswitch/system-id.conf
+%ghost %{_sysconfdir}/sysconfig/openvswitch-pre
 %config(noreplace) %{_sysconfdir}/sysconfig/openvswitch
 %config(noreplace) %{_sysconfdir}/logrotate.d/openvswitch
 %{_unitdir}/openvswitch.service