Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.
The FDP team is no longer accepting new bugs in Bugzilla. Please report your issues under FDP project in Jira. Thanks.

Bug 2007290

Summary: ownership of /var/log/openvswitch is changed after the openvswitch package is updated
Product: Red Hat Enterprise Linux Fast Datapath Reporter: Timothy Redaelli <tredaelli>
Component: openvswitch2.15Assignee: Timothy Redaelli <tredaelli>
Status: CLOSED ERRATA QA Contact: Rick Alongi <ralongi>
Severity: medium Docs Contact:
Priority: unspecified    
Version: FDP 21.ACC: ctrautma, jhsiao, kfida, ovs-qe, ralongi, tkajinam, tredaelli
Target Milestone: ---   
Target Release: FDP 21.I   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: openvswitch2.15-2.15.0-40.el8fdp Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 2004543
: 2007292 (view as bug list) Environment:
Last Closed: 2021-12-09 15:37:13 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2004543    
Bug Blocks: 2007292    

Description Timothy Redaelli 2021-09-23 14:08:52 UTC 
+++ This bug was initially created as a clone of Bug #2004543 +++

Description of problem:

Currently the /var/log/openvswitch directory is managed by the openvswitch package and it is owned
by openvswitch:openvswitch initially.

However /var/log/openvswitch is "chown"ed to openvswitch:hugetlbfs when ovsdb-server is started.
This is because the following change[1] and definition of the OVS_USER_ID environment in
/etc/sysconfing/openvswitch [2].

[1] https://github.com/openvswitch/ovs/commit/b096fa42ddc2ed69fa86b60a501bd3c34e767b7f

[2]
~~~
OVS_USER_ID="openvswitch:hugetlbfs"
~~~

Because openvswitch service is not restarted automatically when openvswich package is updated,
we observe the following "change" made during update.

So far I'm not aware of any immediate problem caused by this change.

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1. Install a bit old openvswitch package
 $ dnf install openvswitch2.13-2.13.0-39.el8fdp.x86_64

2. Check ownership of /var/log/openvswitch. Here we expect openvswitch:openvswitch
 $ sudo ls -la /var/log/openvswitch

3. Start the openvswitch service.
 $ sudo systemctl start openvswitch.service

4. Now ownership of the log directory is changed to openvswitch:hugetlbfs

5. Update the openvswitch package
 $ sudo dnf update -y openvswitch2.13

6. Check ownership of the log directory. Now it is reverted back to openvswitch:openvswitch.

7. Restart the openvswitch service.
 $ sudo systemctl restart openvswitch.service

8. At this point the directory is owned by openvswitch:hugetlbfs

Actual results:
Directory ownership is changed

Expected results:
Directory ownership is consistent and unchanged

Additional info:

--- Additional comment from Takashi Kajinami on 2021-09-15 16:31:21 CEST ---

I'll paste the console log to explain what I tested in RHEL8.2 machine.

openvswitch2.13-2.13.0-39.el8fdp.x86_64 was initially installed
~~~
[root@node-0 ~]# dnf install openvswitch2.13-2.13.0-39.el8fdp.x86_64
...
~~~

The log directory was created and owned by openvswitch:openvswitch.
~~~
[root@node-0 ~]# ls -lah /var/log/openvswitch
total 4.0K
drwxr-x---.  2 openvswitch openvswitch    6 Jun 26  2020 .
drwxr-xr-x. 12 root        root        4.0K Sep 15 09:43 ..
~~~

At this point openvswitch service is not started.
~~~
[root@node-0 ~]# sudo systemctl status openvswitch
● openvswitch.service - Open vSwitch
   Loaded: loaded (/usr/lib/systemd/system/openvswitch.service; disabled; vendor preset: disabled)
   Active: inactive (dead)
~~~

OVS_USER_ID was set to openvswitch:hugetlbfs, which is the default defined in the package.
~~~
[root@node-0 ~]# cat /etc/sysconfig/openvswitch 
### Configuration options for openvswitch
#
# Enable core files.
# This option should be set to "yes" or "no".  The default is "yes".
# --force-corefiles=yes
#
# Set "nice" priority at which to run ovsdb-server:
# --ovsdb-server-priority=-10
#
# Set "nice" priority at which to run ovsdb-vswitchd:
# --ovs-vswitchd-priority=-10
#
# Pass or not --mlockall option to ovs-vswitchd.
# This option should be set to "yes" or "no".  The default is "yes".
# Enabling this option can avoid networking interruptions due to
# system memory pressure in extraordinary situations, such as multiple
# concurrent VM import operations.
# --mlockall=yes
#
# Use valgrind:
#   --ovs-vswitchd-wrapper=valgrind
#   --ovsdb-server-wrapper=valgrind
#
# Specify additional options, for example to start with debug logs:
#   --ovs-vswitchd-options='-vconsole:dbg -vfile:dbg'
#   --ovsdb-server-options='-vconsole:dbg -vfile:dbg'
#
OPTIONS=""

# Uncomment and set the OVS User/Group value
OVS_USER_ID="openvswitch:hugetlbfs"
~~~

Then the openvswitch service was started.
~~~
[root@node-0 ~]# systemctl start openvswitch
[root@node-0 ~]# 
[root@node-0 ~]# systemctl status openvswitch
● openvswitch.service - Open vSwitch
   Loaded: loaded (/usr/lib/systemd/system/openvswitch.service; disabled; vendor preset: disabled)
   Active: active (exited) since Wed 2021-09-15 09:48:49 EDT; 5s ago
  Process: 15766 ExecStart=/bin/true (code=exited, status=0/SUCCESS)
 Main PID: 15766 (code=exited, status=0/SUCCESS)

Sep 15 09:48:49 node-0.ovstest.lab.pnq2.cee.redhat.com systemd[1]: Starting Open vSwitch...
Sep 15 09:48:49 node-0.ovstest.lab.pnq2.cee.redhat.com systemd[1]: Started Open vSwitch.
~~~

The log directory was chowned.
~~~
[root@node-0 ~]# sudo ls -la /var/log/openvswitch
total 12
drwxr-x---.  2 openvswitch hugetlbfs   54 Sep 15 09:48 .
drwxr-xr-x. 12 root        root      4096 Sep 15 09:43 ..
-rw-r-----.  1 openvswitch hugetlbfs  346 Sep 15 09:48 ovsdb-server.log
-rw-r-----.  1 openvswitch hugetlbfs  621 Sep 15 09:48 ovs-vswitchd.log
[root@node-0 ~]# 
~~~

The openvswitch2.13 package was updated to the current latest.
~~~
[root@node-0 ~]# sudo dnf update -y openvswitch2.13
Last metadata expiration check: 0:23:00 ago on Wed 15 Sep 2021 09:30:35 AM EDT.
Dependencies resolved.
==============================================================================================================================================================================================================================================
 Package                                                   Architecture                                     Version                                                        Repository                                                    Size
==============================================================================================================================================================================================================================================
Upgrading:
 openvswitch2.13                                           x86_64                                           2.13.0-120.el8fdp                                              rhosp-rhel-8.2-fdp                                            13 M

Transaction Summary
==============================================================================================================================================================================================================================================
Upgrade  1 Package

Total download size: 13 M
Downloading Packages:
openvswitch2.13-2.13.0-120.el8fdp.x86_64.rpm                                                                                                                                                                  759 kB/s |  13 MB     00:17    
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total                                                                                                                                                                                                         759 kB/s |  13 MB     00:17     
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Preparing        :                                                                                                                                                                                                                      1/1 
  Running scriptlet: openvswitch2.13-2.13.0-120.el8fdp.x86_64                                                                                                                                                                             1/1 
  Running scriptlet: openvswitch2.13-2.13.0-120.el8fdp.x86_64                                                                                                                                                                             1/2 
  Upgrading        : openvswitch2.13-2.13.0-120.el8fdp.x86_64                                                                                                                                                                             1/2 
  Running scriptlet: openvswitch2.13-2.13.0-120.el8fdp.x86_64                                                                                                                                                                             1/2 
  Running scriptlet: openvswitch2.13-2.13.0-39.el8fdp.x86_64                                                                                                                                                                              2/2 
  Cleanup          : openvswitch2.13-2.13.0-39.el8fdp.x86_64                                                                                                                                                                              2/2 
  Running scriptlet: openvswitch2.13-2.13.0-39.el8fdp.x86_64                                                                                                                                                                              2/2 
  Verifying        : openvswitch2.13-2.13.0-120.el8fdp.x86_64                                                                                                                                                                             1/2 
  Verifying        : openvswitch2.13-2.13.0-39.el8fdp.x86_64                                                                                                                                                                              2/2 

Upgraded:
  openvswitch2.13-2.13.0-120.el8fdp.x86_64                                                                                                                                                                                                    

Complete!
[root@node-0 ~]#
~~~

Owner of the log directory was reverted back to openvswitch:openvswitch.
~~~
[root@node-0 ~]# sudo ls -la /var/log/openvswitch/
total 12
drwxr-x---.  2 openvswitch openvswitch   54 Aug  2 18:17 .
drwxr-xr-x. 12 root        root        4096 Sep 15 09:43 ..
-rw-r-----.  1 openvswitch hugetlbfs    346 Sep 15 09:48 ovsdb-server.log
-rw-r-----.  1 openvswitch hugetlbfs    621 Sep 15 09:48 ovs-vswitchd.log
[root@node-0 ~]# sudo systemctl status openvswitch
● openvswitch.service - Open vSwitch
   Loaded: loaded (/usr/lib/systemd/system/openvswitch.service; disabled; vendor preset: disabled)
   Active: active (exited) since Wed 2021-09-15 09:48:49 EDT; 5min ago
 Main PID: 15766 (code=exited, status=0/SUCCESS)
    Tasks: 0 (limit: 23976)
   Memory: 0B
   CGroup: /system.slice/openvswitch.service

Sep 15 09:48:49 node-0.ovstest.lab.pnq2.cee.redhat.com systemd[1]: Starting Open vSwitch...
Sep 15 09:48:49 node-0.ovstest.lab.pnq2.cee.redhat.com systemd[1]: Started Open vSwitch.
~~~

Then the openvswitch service was restarted.
~~~
[root@node-0 ~]# sudo systemctl restart openvswitch
[root@node-0 ~]# sudo systemctl status openvswitch
● openvswitch.service - Open vSwitch
   Loaded: loaded (/usr/lib/systemd/system/openvswitch.service; disabled; vendor preset: disabled)
   Active: active (exited) since Wed 2021-09-15 09:55:07 EDT; 5s ago
  Process: 16289 ExecStop=/bin/true (code=exited, status=0/SUCCESS)
  Process: 16469 ExecStart=/bin/true (code=exited, status=0/SUCCESS)
 Main PID: 16469 (code=exited, status=0/SUCCESS)

Sep 15 09:55:07 node-0.ovstest.lab.pnq2.cee.redhat.com systemd[1]: Starting Open vSwitch...
Sep 15 09:55:07 node-0.ovstest.lab.pnq2.cee.redhat.com systemd[1]: Started Open vSwitch.
~~~

Owner of the log directroy was set to openvswitch:hugetlbfs again.
~~~
[root@node-0 ~]# sudo ls -la /var/log/openvswitch/
total 12
drwxr-x---.  2 openvswitch hugetlbfs   54 Aug  2 18:17 .
drwxr-xr-x. 12 root        root      4096 Sep 15 09:43 ..
-rw-r-----.  1 openvswitch hugetlbfs  525 Sep 15 09:55 ovsdb-server.log
-rw-r-----.  1 openvswitch hugetlbfs 1337 Sep 15 09:55 ovs-vswitchd.log
~~~
Comment 3 Rick Alongi 2021-10-19 17:35:45 UTC 
Reproduced issue using earlier OVS package.  Verified that fix is in place using openvswitch2.15-2.15.0-42.el8fdp.

OVS_USER_ID="openvswitch:hugetlbfs" (per /etc/sysconfig/openvswitch file)

USER:GROUP settings for /var/log/openvswitch:
Initial installation of openvswitch package before starting openvswitch.service: openvswitch:openvswitch
After start of openvswitch.service: openvswitch:hugetlbfs
After update of openvswitch package, before openvswitch.service restart: openvswitch:hugetlbfs
After openvswitch.service reload: openvswitch:hugetlbfs
After openvswitch.service restart: openvswitch:hugetlbfs

Test cases added to upgrade testing.  Results file here: https://url.corp.redhat.com/f06b10a
Comment 5 errata-xmlrpc 2021-12-09 15:37:13 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (openvswitch2.15 bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2021:5057