[ovs-dev] ovs-ctl: fix system-id.conf owner

Message ID 1542901077-7567-1-git-send-email-david.marchand@redhat.com
State Accepted

Commit Message

David Marchand Nov. 22, 2018, 3:37 p.m. UTC
As far as RPMs are concerned, system-id.conf file is declared as being
owned by openvswitch.
At the first ovs startup, ovs-ctl creates this file if none exists without
ensuring this.

We end up with an inconsistency:
$ rpm -V openvswitch
.....UG..  c /etc/openvswitch/system-id.conf

Fix this when ovs-ctl is the one who creates the file.

Note: this issue ends up being hidden after a RPM upgrade, since the
openvswitch user is enforced on the whole /etc/openvswitch directory as a
%post operation.

Signed-off-by: David Marchand <david.marchand@redhat.com>
---
 utilities/ovs-ctl.in |  2 ++
 utilities/ovs-lib.in | 10 +++++++---
 2 files changed, 9 insertions(+), 3 deletions(-)

Comments

Flavio Leitner Dec. 4, 2018, 12:50 p.m. UTC | #1
On Thu, Nov 22, 2018 at 04:37:57PM +0100, David Marchand wrote:
> As far as RPMs are concerned, system-id.conf file is declared as being
> owned by openvswitch.
> At the first ovs startup, ovs-ctl creates this file if none exists without
> ensuring this.
> 
> We end up with an inconsistency:
> $ rpm -V openvswitch
> .....UG..  c /etc/openvswitch/system-id.conf
> 
> Fix this when ovs-ctl is the one who creates the file.
> 
> Note: this issue ends up being hidden after a RPM upgrade, since the
> openvswitch user is enforced on the whole /etc/openvswitch directory as a
> %post operation.
> 
> Signed-off-by: David Marchand <david.marchand@redhat.com>
> ---
LGTM, thanks David!
Acked-by: Flavio Leitner <fbl@sysclose.org>

Timothy Redaelli Dec. 4, 2018, 2:29 p.m. UTC | #2
On Thu, 22 Nov 2018 16:37:57 +0100
David Marchand <david.marchand@redhat.com> wrote:

> As far as RPMs are concerned, system-id.conf file is declared as being
> owned by openvswitch.
> At the first ovs startup, ovs-ctl creates this file if none exists without
> ensuring this.
> 
> We end up with an inconsistency:
> $ rpm -V openvswitch
> .....UG..  c /etc/openvswitch/system-id.conf
> 
> Fix this when ovs-ctl is the one who creates the file.
> 
> Note: this issue ends up being hidden after a RPM upgrade, since the
> openvswitch user is enforced on the whole /etc/openvswitch directory as a
> %post operation.
> 
> Signed-off-by: David Marchand <david.marchand@redhat.com>
> ---

Acked-by: Timothy Redaelli <tredaelli@redhat.com>

Ben Pfaff Dec. 10, 2018, 9:03 p.m. UTC | #3
On Thu, Nov 22, 2018 at 04:37:57PM +0100, David Marchand wrote:
> As far as RPMs are concerned, system-id.conf file is declared as being
> owned by openvswitch.
> At the first ovs startup, ovs-ctl creates this file if none exists without
> ensuring this.
> 
> We end up with an inconsistency:
> $ rpm -V openvswitch
> .....UG..  c /etc/openvswitch/system-id.conf
> 
> Fix this when ovs-ctl is the one who creates the file.
> 
> Note: this issue ends up being hidden after a RPM upgrade, since the
> openvswitch user is enforced on the whole /etc/openvswitch directory as a
> %post operation.
> 
> Signed-off-by: David Marchand <david.marchand@redhat.com>

Thanks!  Applied to master.

Patch

diff --git a/utilities/ovs-ctl.in b/utilities/ovs-ctl.in
index e42f0f1..3bd8a6d 100644
--- a/utilities/ovs-ctl.in
+++ b/utilities/ovs-ctl.in
@@ -61,8 +61,10 @@  set_system_ids () {
                 # Migrate from old file name.
                 . "$uuid_file"
                 SYSTEM_ID=$INSTALLATION_UUID
+                run_as_ovsuser touch "$id_file"
                 echo "$SYSTEM_ID" > "$id_file"
             elif SYSTEM_ID=`uuidgen`; then
+                run_as_ovsuser touch "$id_file"
                 echo "$SYSTEM_ID" > "$id_file"
             else
                 log_failure_msg "missing uuidgen, could not generate system ID"
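
Review bot: In both branches of set_system_ids the exit status of `run_as_ovsuser touch "$id_file"` is ignored, and the following `echo "$SYSTEM_ID" > "$id_file"` still runs with the caller's privileges rather than the OVS user's. If the touch fails, the redirect creates the file under the caller's identity and the ownership mismatch reported by `rpm -V` returns with nothing logged. Consider checking the result of the touch and logging a failure, or performing the write itself through run_as_ovsuser so that creation and write happen under one identity. The identical touch/echo pair now appears twice and could be factored into one small helper.
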
diff --git a/utilities/ovs-lib.in b/utilities/ovs-lib.in
index 7df672c..9a0af2e 100644
--- a/utilities/ovs-lib.in
+++ b/utilities/ovs-lib.in
@@ -387,17 +387,21 @@  move_ip_routes () {
     done
 }
 
-ovsdb_tool () {
+run_as_ovsuser() {
     if [ "$OVS_USER" != "" ]; then
         local uid=$(id -u "${OVS_USER%:*}")
         local gid=$(id -g "${OVS_USER%:*}")
         local groups=$(id -G "${OVS_USER%:*}" | tr ' ' ',')
-        setpriv --reuid "$uid" --regid "$gid" --groups "$groups" ovsdb-tool -vconsole:off "$@"
+        setpriv --reuid "$uid" --regid "$gid" --groups "$groups" "$@"
     else
-        ovsdb-tool -vconsole:off "$@"
+        "$@"
     fi
 }
 
+ovsdb_tool () {
+    run_as_ovsuser ovsdb-tool -vconsole:off "$@"
+}
+
 create_db () {
     DB_FILE="$1"
     DB_SCHEMA="$2"
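
Review bot: run_as_ovsuser now wraps arbitrary commands, yet the `id` lookups at the top of the function are still unchecked: `local uid=$(id -u ...)` yields the status of `local`, not of `id`, so an OVS_USER that does not resolve leaves uid, gid and groups empty and the error only surfaces from setpriv. Validate the three lookups before calling setpriv and return non-zero with a clear message. A short comment above the function would also help, stating that it switches to OVS_USER when that is set and otherwise runs the command unchanged, and that only the user part is used (`${OVS_USER%:*}`), with the group taken from `id -g`. Style: `run_as_ovsuser() {` lacks the space before the parentheses that `ovsdb_tool () {` and `create_db () {` use.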