From patchwork Mon Oct 26 23:15:40 2015
X-Patchwork-Submitter: Andy Zhou
X-Patchwork-Id: 536362
From: Andy Zhou
To: dev@openvswitch.org
Date: Mon, 26 Oct 2015 16:15:40 -0700
Subject: [ovs-dev] [Debian-non-root v3 3/4] ovs-ctl: add --run-as option
Message-Id: <1445901341-7182-3-git-send-email-azhou@nicira.com>
In-Reply-To: <1445901341-7182-1-git-send-email-azhou@nicira.com>
References: <1445901341-7182-1-git-send-email-azhou@nicira.com>

Add option to ovs-ctl script to specify whether to start the daemons as root user or ovs user. The default is 'run-as=root', which preserves the script's current behavior.

Signed-off-by: Andy Zhou
---
 utilities/ovs-ctl.8  |  4 ++++
 utilities/ovs-ctl.in | 28 +++++++++++++++++++++++++---
 utilities/ovs-lib.in |  9 ++++++++-
 3 files changed, 37 insertions(+), 4 deletions(-)

diff --git a/utilities/ovs-ctl.8 b/utilities/ovs-ctl.8 index 6a9a544..2d38362 100644 --- a/utilities/ovs-ctl.8 +++ b/utilities/ovs-ctl.8
@@ -123,6 +123,10 @@ another string is specified \fBovs\-ctl\fR uses it literally. The following options should be specified if the defaults are not suitable: . +.IP "\fB\-\-run\-as=\fIuser[:group]\fR" +Run OVS daemons as the user specified. In case 'user' is not root, OVS +daemons will run with the least privileges necessary. +. .IP "\fB\-\-system\-type=\fItype\fR" .IQ "\fB\-\-system\-version=\fIversion\fR" Sets the value to store in the \fBsystem-type\fR and diff --git a/utilities/ovs-ctl.in b/utilities/ovs-ctl.in index c9d75df..c844f7e 100755 --- a/utilities/ovs-ctl.in +++ b/utilities/ovs-ctl.in @@ -1,5 +1,5 @@ #! /bin/sh -# Copyright (C) 2009, 2010, 2011, 2012, 2013, 2014 Nicira, Inc. +# Copyright (C) 2009, 2010, 2011, 2012, 2013, 2014, 2015 Nicira, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,8 +13,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -OVS_USER=root # Default user. -OVS_GROUP=root # Default group. case $0 in */*) dir0=`echo "$0" | sed 's,/[^/]*$,,'` ;; @@ -101,6 +99,7 @@ set_system_ids () { else log_failure_msg "missing uuidgen, could not generate system ID" fi + chown "$OVS_USER":"$OVS_GROUP" $id_file ;; '') @@ -535,6 +534,8 @@ set_defaults () { SYSTEM_TYPE=unknown SYSTEM_VERSION=unknown fi + OVS_USER=root # Default user. + OVS_GROUP=$OVS_USER # Default group. } usage () { 
@@ -573,6 +574,7 @@ Less important options for "start", "restart" and "force-reload-kmod": --daemon-cwd=DIR set working dir for OVS daemons (default: $DAEMON_CWD) --no-force-corefiles do not force on core dumps for OVS daemons --no-mlockall do not lock all of ovs-vswitchd into memory + --run-as=USER run ovs daemons as the root user of ovs user (default: $OVS_USER:$OVS_GROUP) --ovsdb-server-priority=NICE set ovsdb-server's niceness (default: $OVSDB_SERVER_PRIORITY) --ovs-vswitchd-priority=NICE set ovs-vswitchd's niceness (default: $OVS_VSWITCHD_PRIORITY) @@ -653,6 +655,26 @@ do ;; esac ;; + --run-as=*) + value=`expr X"$arg" : 'X[^=]*=\(.*\)'` + case $value in + [a-z]*:*) + OVS_USER=`expr X"$value" : 'X\(.*\):.*'` + OVS_GROUP=`expr X"$value" : 'X[^:]*:\(.*\)'` + if test X"$OVS_GROUP" = X; then + OVS_GROUP=$OVS_USER + fi + ;; + [a-z]*) + OVS_USER=`expr X"$value" : 'X\(.*\)'` + OVS_GROUP=$OVS_USER + ;; + *) + echo >&2 "$0: --run-as argument not in the form \"user[:group]\"" + exit 1 + ;; + esac + ;; --[a-z]*=*) option=`expr X"$arg" : 'X--\([^=]*\)'` value=`expr X"$arg" : 'X[^=]*=\(.*\)'` diff --git a/utilities/ovs-lib.in b/utilities/ovs-lib.in index 34e2041..2a9eff3 100644 --- a/utilities/ovs-lib.in +++ b/utilities/ovs-lib.in @@ -149,10 +149,15 @@ start_daemon () { set "$@" --log-file="$logdir/$daemon.log" # pidfile and monitoring - test -d "$rundir" || install -d -m 755 -o "$OVS_USER" -g "$OVS_GROUP" "$rundir" + test -d "$rundir" || install -d -m 775 -o "$OVS_USER" -g "$OVS_GROUP" "$rundir" set "$@" --pidfile="$rundir/$daemon.pid" set "$@" --detach --monitor + # non root user + if test "$OVS_USER" != "root"; then + set "$@" --user="$OVS_USER":"$OVS_GROUP" + fi + # wrapper case $wrapper in valgrind) @@ -376,4 +381,6 @@ upgrade_db () { create_db "$DB_FILE" "$DB_SCHEMA" fi fi + + chown -R "$OVS_USER":"$OVS_GROUP" `dirname $DB_FILE` }
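Review bot: in the ovs-ctl.8 hunk, "OVS daemons will run with the least privileges necessary" is too vague for an administrator deciding whether to use the option; say concretely what the script does, namely that the daemons are started with `--user=user:group` and that the run directory, the system-id file and the database directory are re-owned to that user and group, and document that group defaults to user when omitted, which is what the parser in ovs-ctl.in implements.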
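Review bot: in the set_system_ids hunk, `chown "$OVS_USER":"$OVS_GROUP" $id_file` sits after the `fi`, so it runs whichever branch executed; when uuidgen is missing the file may never have been written and the chown adds a second error on top of the log_failure_msg. Move the chown into the branch that writes the file, or guard it with `test -f "$id_file"`, and quote `$id_file` as the surrounding code does.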
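Review bot: in the set_defaults hunk, moving `OVS_USER=root` and `OVS_GROUP=$OVS_USER` from the top of the script into set_defaults leaves both variables unset until set_defaults runs. The usage text prints `$OVS_USER:$OVS_GROUP`, so set_defaults evidently runs before option parsing, but please confirm that every path reaching `install -d -o "$OVS_USER"` or the new chown calls in ovs-lib.in goes through set_defaults first, because an empty owner makes install and chown fail rather than fall back to root.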
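Review bot: in the usage hunk, "run ovs daemons as the root user of ovs user" should read "or ovs user", and the argument is shown as `--run-as=USER` although the man page and the parser accept `USER[:GROUP]`; use the same form in both places, e.g. `--run-as=USER[:GROUP]`, so that the default printed, `$OVS_USER:$OVS_GROUP`, matches the documented syntax.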
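Review bot: in the --run-as parsing hunk, the user expression `'X\(.*\):.*'` is greedy, so for a value containing two colons it takes everything up to the last colon as the user while the group expression `'X[^:]*:\(.*\)'` takes everything after the first one; use `'X\([^:]*\):.*'` so both sides agree, and reject more than one colon explicitly. The case patterns `[a-z]*:*` and `[a-z]*` also reject legitimate account names that begin with an underscore, digit or capital letter (e.g. `_ovs`) with a message saying the value is "not in the form user[:group]", which will mislead whoever hits it. Since the value is passed straight to `install -o`, `chown` and `--user`, it is worth checking here that the user and group exist (`id "$OVS_USER"`, `getent group "$OVS_GROUP"`) so that a typo fails at option parsing instead of part-way through start, after some directories have already been re-owned.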
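Review bot: in the start_daemon hunk, the run directory mode changes from 755 to 775, which makes `$rundir` (pidfiles and control sockets) writable by every member of `$OVS_GROUP`; the directory is created with `-o "$OVS_USER"` and the daemons run as that user, so 755 should already suffice. Either keep 755 or explain in the commit message why group write is needed. Separately, `test -d "$rundir" || install -d ...` only sets ownership when the directory is first created, so on an existing installation a root-owned `$rundir` is never re-owned and a daemon started with `--user` cannot write its pidfile; run the chown unconditionally, as the upgrade_db hunk does for the database directory.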
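Review bot: in the upgrade_db hunk, `chown -R "$OVS_USER":"$OVS_GROUP" \`dirname $DB_FILE\`` recursively re-owns everything under the database directory rather than just `$DB_FILE`, so any other file kept there (the schema, system-id.conf, local configuration) becomes writable by the daemon user, which is more than the non-root daemon needs; chown `$DB_FILE` and the directory itself without `-R`. Quote `"$DB_FILE"` inside the command substitution as the rest of the function does. The chown also runs on every start even when `$OVS_USER` is root, which is harmless but deserves a comment.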