[ovs-dev] [PATCH] redhat: Create /etc/openvswitch/* with openvswitch as user/group
Ben Pfaff
blp at ovn.org
Wed Nov 29 17:37:09 UTC 2017
On Wed, Nov 29, 2017 at 05:29:26PM +0000, Mark Michelson wrote:
> On Wed, Nov 29, 2017 at 11:15 AM Ben Pfaff <blp at ovn.org> wrote:
>
> > On Wed, Nov 29, 2017 at 12:10:42PM -0500, Aaron Conole wrote:
> > > Mark Michelson <mmichels at redhat.com> writes:
> > >
> > > > On Wed, Nov 29, 2017 at 10:54 AM Aaron Conole <aconole at redhat.com>
> > wrote:
> > > >
> > > > Timothy Redaelli <tredaelli at redhat.com> writes:
> > > >
> > > > > Without this commit is not possible to upgrade an openvswitch
> > release
> > > > > that includes the commit ac416a3ab2d2 (for example 2.8.0) with
> > another release
> > > > > that includes the commit ac416a3ab2d2 (for example master or
> > 2.8.1), because
> > > > > rpm changes the user/group of /etc/openvswitch to root/root, but
> > ovsdb-server
> > > > > starts with the user openvswitch and so it doesn't have permissions
> > to write in
> > > > > /etc/openvswitch/conf.db.
> > > > >
> > > > > This patch tell rpm to use the openvswitch user and group for
> > > > > /etc/openvswitch and /etc/openvswitch/default.conf.
> > > > >
> > > > > Reported-by: Mark Michelson <mmichels at redhat.com>
> > > > > CC: aaron conole <aconole at redhat.com>
> > > > > Fixes: ac416a3ab2d2 ("redhat: dynamically allocate and reference
> > ovs user")
> > > > > Signed-off-by: Timothy Redaelli <tredaelli at redhat.com>
> > > > > ---
> > > >
> > > > Ugh. I guess this is only a problem if you install ovs 2.8, and then
> > > > upgrade before creating the database?
> > > >
> > > > Regardless
> > > >
> > > > Acked-by: Aaron Conole <aconole at redhat.com>
> > > >
> > > > Nope, in my case I was installing OVS 2.8.0, starting openvswitch,
> > ovn-central, and ovn-controller
> > > > services. I added information to the external_ids column of the
> > open_vswitch table so that the
> > > > ovn-controller could connect to the OVN southbound database. I ensured
> > that ovn-sbctl reported the
> > > > chassis as expected.
> > > >
> > > > Then I performed the upgrade. After upgrading the RPMs,
> > /etc/openvswitch's ownership had changed
> > > > from openvswitch:openvswitch to root:root. Attempting to restart the
> > ovs-vswitchd service at this point
> > > > failed.
> > >
> > > Ouch. I thought I had confirmed the ability to upgrade again... somehow
> > > I guess my testing wasn't sufficient.
> >
> > Now I'm concerned. Should I not have applied this? Does it need a
> > revert?
> >
>
> No need to revert. There was just confusion over what needed to be done in
> order to trigger the issue that is fixed by this patch.
Thanks.
More information about the dev
mailing list