[ovs-dev] [PATCH] utilities: Run ovsdb-server pre-startup DB steps as root

Timothy Redaelli tredaelli at redhat.com
Thu Aug 2 17:06:50 UTC 2018


On Thu, Aug 2, 2018 at 4:58 PM, Timothy Redaelli <tredaelli at redhat.com>
wrote:
[...]
>
> diff --git a/utilities/ovs-lib.in b/utilities/ovs-lib.in
> index c3b76ec94..33776aac7 100644
> --- a/utilities/ovs-lib.in
> +++ b/utilities/ovs-lib.in
> @@ -389,7 +389,10 @@ move_ip_routes () {
>
>  ovsdb_tool () {
>      if [ "$OVS_USER" != "" ]; then
> -        runuser --user "${OVS_USER%:*}" -- ovsdb-tool -vconsole:off "$@"
> +        local uid=$(id -u "${OVS_USER%:*}")
> +        local gid=$(id -g "${OVS_USER%:*}")
> +        local groups=$(id -G "${OVS_USER%:*}" | tr ' ' ',')
> +        setpriv --reuid "$uid" --regid "$gid" --groups "$groups"
> ovsdb-tool -vconsole:off "$@"

^ I'm sorry, I had this long line wrapped.

>      else
>          ovsdb-tool -vconsole:off "$@"
>      fi

This is, hopefully, the correct git-diff:

diff --git a/utilities/ovs-lib.in b/utilities/ovs-lib.in
index c3b76ec94..33776aac7 100644
--- a/utilities/ovs-lib.in
+++ b/utilities/ovs-lib.in
@@ -389,7 +389,10 @@ move_ip_routes () {

 ovsdb_tool () {
     if [ "$OVS_USER" != "" ]; then
-        runuser --user "${OVS_USER%:*}" -- ovsdb-tool -vconsole:off "$@"
+        local uid=$(id -u "${OVS_USER%:*}")
+        local gid=$(id -g "${OVS_USER%:*}")
+        local groups=$(id -G "${OVS_USER%:*}" | tr ' ' ',')
+        setpriv --reuid "$uid" --regid "$gid" --groups "$groups"
ovsdb-tool -vconsole:off "$@"
     else
         ovsdb-tool -vconsole:off "$@"
     fi


More information about the dev mailing list