[ovs-dev] [RFC] lib/automake.mk: remove runtime directories

Flavio Leitner fbl at sysclose.org
Thu Mar 23 17:03:42 UTC 2017 

On Wed, Mar 22, 2017 at 12:43:29PM -0400, Eric Garver wrote:
> On Tue, Mar 21, 2017 at 02:20:30PM -0400, Aaron Conole wrote:
> > Aaron Conole <aconole at redhat.com> writes:
> > 
> > > The Open vSwitch run, log, and DB directories are installed as part of the
> > > normal `make install` process.  However, this means they are created with
> > > user and group ownership that may conflict with the desired user.  For
> > > example, running `make install` as root will install those files as
> > > root:root, whereas the runtime user desired may be openvswitch:openvswitch.
> > >
> > > Since these directories are automatically created as part of the ovs-ctl
> > > command, and with the correct user:group permissions, it makes sense to
> > > delay creation until these directories are actually required.
> > >
> > > Signed-off-by: Aaron Conole <aconole at redhat.com>
> > > ---
> > 
> > I was about to submit this with a fixup to the rhel side, but I dug into
> > an older mailing list discussion where at least it seems like Ben wanted
> > the make install to create these runtime directories[1], presumably to
> > alleviate concerns with adding these mkdir type directives to each
> > distro.
> > 
> > I'm not sure how best to proceed with this effort, since I want to
> > enable non-root ovs 'out of the box'.  If that has to be done
> > distro-specific (and I should simply modify the .spec file for this),
> > then that may be acceptable for me.  I think the issue encountered in
> > [1] is due to not using ovs-ctl to start the daemons.  Perhaps it will
> > still be required from the fedora side to create these directories - I'm
> > not sure.
> > 
> > Thoughts?
> > 
> > 1: https://mail.openvswitch.org/pipermail/ovs-dev/2013-July/273197.html
> 
> Seems the perm changes should be part of the distro specific stuff.
> Don't they also have to create the users/groups?

They seem to be two separate problems.  If an user is using "make
install", most probably it needs to be root anyways and who knows
which user he/she wants to use.

On a distribution level, it doesn't matter much what make install does
because RPM can fix permissions, create a standard user/groups, fix the
initialization, and so on.

-- 
Flavio

More information about the dev mailing list