[ovs-dev] [PATCH v3 2/6] redhat: dynamically allocate and reference ovs user
Aaron Conole
aconole at redhat.com
Tue Aug 1 22:05:39 UTC 2017
After this commit, the Fedora RPM will create the openvswitch user, from the
non-static pool, for use as an Open vSwitch daemon user. This only happens
on install - not upgrade. This will be the default user:group
combination for the openvswitch daemons.
To do this in a way that doesn't impact existing installations, the
/etc/openvswitch directory will be created during the installation,
rather than being provided as part of the rpm.
Acked-by: Markos Chandras <mchandras at suse.de>
Signed-off-by: Aaron Conole <aconole at redhat.com>
---
rhel/openvswitch-fedora.spec.in | 13 +++++++++++++
rhel/usr_lib_systemd_system_ovsdb-server.service | 1 +
2 files changed, 14 insertions(+)
diff --git a/rhel/openvswitch-fedora.spec.in b/rhel/openvswitch-fedora.spec.in
index 3179568..959aa2e 100644
--- a/rhel/openvswitch-fedora.spec.in
+++ b/rhel/openvswitch-fedora.spec.in
@@ -92,6 +92,9 @@ Requires: openssl hostname iproute module-init-tools
#Upstream kernel commit 4f647e0a3c37b8d5086214128614a136064110c3
#Requires: kernel >= 3.15.0-0
+Requires(post): /usr/bin/getent
+Requires(post): /usr/sbin/useradd
+Requires(post): /usr/bin/sed
Requires(post): systemd-units
Requires(preun): systemd-units
Requires(postun): systemd-units
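Review bot: The new Requires(post) lines cover getent, useradd and sed, but the %post scriptlet added later in this patch also calls chown, which gets no matching dependency. Consider adding "Requires(post): /usr/bin/chown" (the path the service file change in this patch uses) so the scriptlet cannot run before that binary is installed.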
@@ -361,6 +364,16 @@ rm -rf $RPM_BUILD_ROOT
%endif
%post
+if [ $1 -eq 1 ]; then
+ getent passwd openvswitch >/dev/null || \
+ useradd -r -d / -s /sbin/nologin -c "Open vSwitch Daemons" openvswitch
+
+ sed -i 's:^#OVS_USER_ID=:OVS_USER_ID=:' /etc/sysconfig/openvswitch
+
+ # In the case of upgrade, this is not needed.
+ chown -R openvswitch:openvswitch /etc/openvswitch
+fi
+
%if 0%{?systemd_post:1}
%systemd_post %{name}.service
%else
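Review bot: In the %post block, the "getent passwd openvswitch ||" guard skips useradd whenever an account named openvswitch already exists, and the following "chown -R openvswitch:openvswitch /etc/openvswitch" then hands the configuration directory to that account regardless of how it was created or what shell it has. The group is also never checked or created explicitly: useradd only makes a same-named group when -U is passed or USERGROUPS_ENAB is enabled in login.defs, so the chown can fail on hosts where that is turned off. Suggest passing -U (or adding a "getent group openvswitch || groupadd -r openvswitch" step first), and creating /etc/openvswitch in this scriptlet before the chown, since the commit message says the directory is no longer shipped by the rpm and nothing in this hunk creates it.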
diff --git a/rhel/usr_lib_systemd_system_ovsdb-server.service b/rhel/usr_lib_systemd_system_ovsdb-server.service
index b82cb33..7acd25f 100644
--- a/rhel/usr_lib_systemd_system_ovsdb-server.service
+++ b/rhel/usr_lib_systemd_system_ovsdb-server.service
@@ -10,6 +10,7 @@ Type=forking
Restart=on-failure
EnvironmentFile=/etc/openvswitch/default.conf
EnvironmentFile=-/etc/sysconfig/openvswitch
+ExecStartPre=/usr/bin/chown ${OVS_USER_ID} /var/run/openvswitch
ExecStart=/usr/share/openvswitch/scripts/ovs-ctl \
--no-ovs-vswitchd --no-monitor --system-id=random \
--ovs-user=${OVS_USER_ID} \
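Review bot: The new ExecStartPre line depends on OVS_USER_ID being set, but /etc/sysconfig/openvswitch is an optional EnvironmentFile (the "-" prefix) and the spec change only uncomments the variable there when "$1 -eq 1", so hosts that upgrade may start this unit with it still commented out. Please confirm that /etc/openvswitch/default.conf always defines OVS_USER_ID, or guard the command so an empty value cannot fail the start under Restart=on-failure. Since this chown runs before ovs-ctl, it is also worth confirming that /var/run/openvswitch already exists at that point, and adding a comment in the unit explaining why the ownership change is needed on every start.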
--
2.9.4