Bug 960063
| Summary: | check DB objects before upgrade (owner engine) | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Virtualization Manager | Reporter: | Pavel Stehlik <pstehlik> |
| Component: | ovirt-engine | Assignee: | Eli Mesika <emesika> |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Jiri Belka <jbelka> |
| Severity: | high | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 3.2.0 | CC: | acathrow, alonbl, bazulay, emesika, iheim, jkt, lpeer, Rhev-m-bugs, yeylon |
| Target Milestone: | --- | Keywords: | Triaged |
| Target Release: | 3.3.0 | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | infra | ||
| Fixed In Version: | is10 | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | Type: | Bug | |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | Infra | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
We must first create our objects in our own schema for that and not in 'public' this is what had been concluded with Barak until BZ 951923 will be implemented in 3.3 we will have a temporary utility for this that will check only Materialized Views definitions for proper ownership by user 'engine' Proposed solution : 1) Setup will validate objects owner and exit with a message listing all objects that are not owned by engine 2) The MV SPs that creates database objects will use PG current_user to verify that the user creating the MVs is engine (In reply to Eli Mesika from comment #4) > Proposed solution : > > 1) Setup will validate objects owner and exit with a message listing all > objects that are not owned by engine In other words: if object were created with user other than the engine user, these must be manually fixed before installation can proceed. Please ACK. (In reply to Alon Bar-Lev from comment #5) > (In reply to Eli Mesika from comment #4) > > Proposed solution : > > > > 1) Setup will validate objects owner and exit with a message listing all > > objects that are not owned by engine > > In other words: if object were created with user other than the engine user, > these must be manually fixed before installation can proceed. > > Please ACK. ACK (In reply to Eli Mesika from comment #4) > Proposed solution : > > 1) Setup will validate objects owner and exit with a message listing all > objects that are not owned by engine > > 2) The MV SPs that creates database objects will use PG current_user to > verify that the user creating the MVs is engine Patch addresses issue 2) 1) should be done by the installer fixed in commit : af7e115 Please provide verification steps. Thank you. (In reply to Jiri Belka from comment #9) > Please provide verification steps. Thank you. 1) create an empty database from root account run su - postgres -c "psql -d template1 -c \"create database engine_960063 owner engine;\"" 2) from dbscripts dir run ./create_schema.sh -u engine -d engine_960063 3) run psql -U postgres -c "select * from CreateMaterializedView('v_vds', 'vds', 30, false, 60);" engine_960063 you should get: ERROR: Materialized view v_vds should be created with user 'engine'. ok, is20.1 Closing - RHEV 3.3 Released Closing - RHEV 3.3 Released |
Description of problem: Check & stop upgrade in case there are objects in DB not owned by engine user. This routine should prevent from failing upgrade in later stage. This could currently happened in case user perform materialized views (& other changes) by different user (eg: postgres). Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. login as user postgres 2. replace view - eg: creatematerializedviewas('vm_device_view',10); 3. Actual results: upgrade will fail & rollback will run Expected results: put permissions check at very start of upgrade script among other checks Additional info: