Bug 2215604

Summary: useradd/groupmod errors do not terminate %pre script with errors
Product: Red Hat Enterprise Linux Fast Datapath Reporter: ovs-bugzilla <ovs-bugzilla>
Component: openvswitch2.17Assignee: Timothy Redaelli <tredaelli>
Status: CLOSED ERRATA QA Contact: Rick Alongi <ralongi>
Severity: high Docs Contact:
Priority: unspecified    
Version: FDP 22.LCC: ctrautma, jhsiao, ralongi
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: openvswitch2.17-2.17.0-92.el9fdp Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2023-07-06 19:17:41 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description ovs-bugzilla 2023-06-16 18:11:13 UTC 
+++ This bug was initially created as a clone of Bug #2193168 +++

We have observed that ppc64le RHCOS builds fail to modify the hugetlbfs group to add the openvswitch user, which causes OVS startup to fail because it cannot chown directories to the right group/user.

This appears to be because RPM's /bin/sh does not "set -e" and therefore errors returned by useradd/groupadd/usermod get ignored and do not terminate the %pre script.

%pre
getent group openvswitch >/dev/null || groupadd -r openvswitch
getent passwd openvswitch >/dev/null || \
    useradd -r -g openvswitch -d / -s /sbin/nologin \
    -c "Open vSwitch Daemons" openvswitch

%ifarch %{dpdkarches}
    getent group hugetlbfs >/dev/null || groupadd hugetlbfs
    usermod -a -G hugetlbfs openvswitch
%endif
exit 0

This causes issues like:

[2023-05-02T18:30:05.713Z] openvswitch3.1.prein: usermod.rpmostreesave: /etc/passwd.6: lock file already used
[2023-05-02T18:30:05.713Z] openvswitch3.1.prein: usermod.rpmostreesave: cannot lock /etc/passwd; try again later.

If we add "|| exit 1" behind those it'll supposedly help surface errors.
Comment 1 ovs-bugzilla 2023-06-16 18:11:15 UTC 
* Fri Jun 16 2023 Timothy Redaelli <tredaelli> - 2.17.0-92
- redhat: Use sysusers instead of useradd/groupadd directly [RH git: aeeb5c020a] (#2193168)
    Reported-at: https://bugzilla.redhat.com/2193168
    Reported-by: Dan Williams <dcbw>
    Signed-off-by: Timothy Redaelli <tredaelli>
Comment 4 Rick Alongi 2023-07-05 12:27:59 UTC 
Marking BZ Verified per https://bugzilla.redhat.com/show_bug.cgi?id=2193168#c13.
Comment 6 errata-xmlrpc 2023-07-06 19:17:41 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (openvswitch2.17 bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2023:3988