Bug 966751

Summary: service openvswitch status operation requires root permissions
Product: [Community] RDO Reporter: Steven Dake <sdake>
Component: openvswitchAssignee: Flavio Leitner <fleitner>
Status: CLOSED DUPLICATE QA Contact: Ofer Blaut <oblaut>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: unspecifiedCC: apevec, chrisw, jkt, rkhan
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: openvswitch-2.0.1-1.el6 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-10-23 13:47:38 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Steven Dake 2013-05-23 21:15:20 UTC 
Description of problem:
The command "service openvswitch status" operation requires root permissions.  This operation should complete as a non-privileged user.

Version-Release number of selected component (if applicable):
openvswitch-1.10.0-1.el6.x86_64


How reproducible:
100%

Steps to Reproduce:
1. be logged in as a non-root user
2. run service openvswitch status
3.

Actual results:
[sdake@q1 utils]$ service openvswitch status
/usr/share/openvswitch/scripts/ovs-lib: line 49: /var/log/openvswitch/ovs-ctl.log: Permission denied
tee: /var/log/openvswitch/ovs-ctl.log: Permission denied
ovsdb-server is running with pid 1467
ovs-vswitchd is running with pid 1477
[sdake@q1 utils]$ echo $?
1

Expected results:
[sdake@q1 utils]$ service openvswitch status
ovsdb-server is running with pid 1467
ovs-vswitchd is running with pid 1477
[sdake@q1 utils]$ echo $?
0


Additional info:
openvswitch init script is able to determine that the ops-vswitchd and ovsdb-server processes are running, so there shouldn't be a need to run ovs-ctl.
Comment 1 Flavio Leitner 2014-02-27 02:24:17 UTC 
The problem is that openvswitch logs all initscripts operations (start/stop/restart/status/...) to the ovs-vsctl.log which has no write permission for non-root users.

Since the "status" operation doesn't affect the service at all, I don't see much value in logging it. Therefore, I am proposing a patch upstream to change that.

http://patchwork.openvswitch.org/patch/3128/
Comment 2 Flavio Leitner 2014-02-27 12:57:15 UTC 
Patch has been updated:
http://patchwork.openvswitch.org/patch/3133/
Comment 3 Flavio Leitner 2014-02-27 15:59:57 UTC 
Patch accepted upstream:
http://git.openvswitch.org/cgi-bin/gitweb.cgi?p=openvswitch;a=commitdiff;h=691e47554dd03dd6492e00bab5bd6d215f5cbd4f

I will backport to our packages as the next step.
Comment 4 Flavio Leitner 2014-03-28 02:06:46 UTC 
This is fixed in openvswitch-2.0.1-1.el6
Comment 5 Flavio Leitner 2014-10-23 13:47:38 UTC 

*** This bug has been marked as a duplicate of bug 1148497 ***