Hi Aaron, On 07/05/2017 08:56 PM, Aaron Conole wrote: > After this commit, the fedora RPM will create the openvswitch user, from the > non-static pool, for use as an Open vSwitch daemon user. This only happens > on install - not upgrade. This will be the default user:group > combination for the openvswitch daemons. > > Signed-off-by: Aaron Conole <acon...@redhat.com> > --- > rhel/openvswitch-fedora.spec.in | 13 +++++++++++++ > rhel/usr_lib_systemd_system_ovsdb-server.service | 1 + > 2 files changed, 14 insertions(+) > > diff --git a/rhel/openvswitch-fedora.spec.in b/rhel/openvswitch-fedora.spec.in > index 88d4331..7c805b2 100644 > --- a/rhel/openvswitch-fedora.spec.in > +++ b/rhel/openvswitch-fedora.spec.in > @@ -92,6 +92,9 @@ Requires: openssl hostname iproute module-init-tools > #Upstream kernel commit 4f647e0a3c37b8d5086214128614a136064110c3 > #Requires: kernel >= 3.15.0-0 > > +Requires(post): /usr/bin/getent > +Requires(post): /usr/sbin/useradd > +Requires(post): /usr/bin/sed > Requires(post): systemd-units > Requires(preun): systemd-units > Requires(postun): systemd-units > @@ -357,6 +360,16 @@ rm -rf $RPM_BUILD_ROOT > %endif > > %post > +if [ $1 -eq 1 ]; then > + getent passwd openvswitch >/dev/null || \ > + useradd -r -d / -s /sbin/nologin -c "Open vSwitch Daemons" > openvswitch > + > + sed -i 's:^#OVS_USER_ID=:OVS_USER_ID=:' /etc/sysconfig/openvswitch
I am a bit puzzled about this to be honest... I am wondering if it would be better to do it the other way around. For example, supply a sysconfig file with OVS_USER_ID commented out, but if it's an upgrade, then do the sed magic to switch to root:root so things keep working as before. Would that be better? > + > + # In the case of upgrade, this is not needed. > + chown -R openvswitch:openvswitch /etc/openvswitch Should this be part of the systemd file in a ExecStartPre statement instead? Similar to what you do for the /var/run/openvswitch directory. -- markos SUSE LINUX GmbH | GF: Felix Imendörffer, Jane Smithard, Graham Norton HRB 21284 (AG Nürnberg) Maxfeldstr. 5, D-90409, Nürnberg _______________________________________________ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
