Bug 1702758
Summary: | libvirt-lock-sanlock expected file permissions in package don't match final runtime permissions | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux Advanced Virtualization | Reporter: | Ryan Mullett <rmullett> |
Component: | libvirt | Assignee: | Jiri Denemark <jdenemar> |
Status: | CLOSED ERRATA | QA Contact: | yalzhang <yalzhang> |
Severity: | medium | Docs Contact: | |
Priority: | unspecified | ||
Version: | 8.0 | CC: | chhu, dyuan, jdenemar, xuzhang, yalzhang |
Target Milestone: | rc | Keywords: | Automation |
Target Release: | 8.1 | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | libvirt-5.4.0-1.el8 | Doc Type: | If docs needed, set a value |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2019-11-06 07:14:16 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Ryan Mullett
2019-04-24 17:09:15 UTC
It is a known behavior. I'm not sure if it is a bug. As we QE have confirmed with developers that it is by design. In the post install script Dev try to change the directory to be accessible for sanlock group if that is present in the system. Let's double confirm with developers. That's correct. On the other hand, the directory is created by libvirt-lock-sanlock subpackage, which depends on sanlock. So if the sanlock group is actually created by the sanlock package (I'll check this), we should be able to set the owner and permissions unconditionally. Patch sent upstream for review: https://www.redhat.com/archives/libvir-list/2019-May/msg00593.html This will be addressed in the next major release. Fixed upstream by commit e67b0a45769bfdca48520193e9ad1209b900d64f Refs: v5.3.0-146-ge67b0a4576 Author: Jiri Denemark <jdenemar> AuthorDate: Tue May 21 13:09:22 2019 +0200 Commit: Jiri Denemark <jdenemar> CommitDate: Mon May 27 15:00:11 2019 +0200 spec: Unconditionally set ownership of /var/lib/libvirt/sanlock The libvirt-lock-sanlock subpackage requires sanlock to be installed first and the sanlock package creates the sanlock group on all distros we care about in the spec file (Fedora and RHEL >= 7). Thus instead of setting the ownership and permissions in a post scriptlet only when the sanlock group exists we can just install the directory with the appropriate metadata. https://bugzilla.redhat.com/show_bug.cgi?id=1702758 Signed-off-by: Jiri Denemark <jdenemar> Acked-by: Michal Privoznik <mprivozn> Reproduce the bug on # rpm -q libvirt-lock-sanlock libvirt-lock-sanlock-5.0.0-8.module+el8.0.1+3222+2dc794c6.x86_64 # rpm -V libvirt-lock-sanlock .M....G.. /var/lib/libvirt/sanlock verify on libvirt-lock-sanlock--5.4.0-2 # rpm -q libvirt-lock-sanlock libvirt-lock-sanlock-5.4.0-2.module+el8.1.0+3523+b348b848.x86_64 # rpm -V libvirt-lock-sanlock ==> no outputs # echo $? 0 # systemctl stop libvirtd # rpm -V libvirt-lock-sanlock ==> no outputs Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2019:3723 |