Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.
The FDP team is no longer accepting new bugs in Bugzilla. Please report your issues under FDP project in Jira. Thanks.

Bug 2024728

Summary: ownership of /var/log/openvswitch is changed after the openvswitch package is updated
Product: Red Hat Enterprise Linux Fast Datapath Reporter: Rick Alongi <ralongi>
Component: openvswitch2.11Assignee: Open vSwitch development team <ovs-team>
Status: CLOSED CURRENTRELEASE QA Contact: Rick Alongi <ralongi>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: FDP 21.ICC: ctrautma, fleitner, jhsiao, ralongi, tredaelli
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: openvswitch2.11-2.11.3-94.el8fdp Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2023-06-14 16:12:10 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Rick Alongi 2021-11-18 18:56:55 UTC 
Description of problem:
This issue has already been addressed via https://bugzilla.redhat.com/show_bug.cgi?id=2007292, https://bugzilla.redhat.com/show_bug.cgi?id=2007290, https://bugzilla.redhat.com/show_bug.cgi?id=2007292.

Logging this BZ to track it for openvswitch2.11 (present on RHEL-7 and RHEL-8) in case it is decided that it should also be fixed there as well.

Currently the /var/log/openvswitch directory is managed by the openvswitch package and it is owned
by openvswitch:openvswitch initially.

However /var/log/openvswitch is "chown"ed to openvswitch:hugetlbfs when ovsdb-server is started.
This is because the following change[1] and definition of the OVS_USER_ID environment in
/etc/sysconfing/openvswitch [2].

[1] https://github.com/openvswitch/ovs/commit/b096fa42ddc2ed69fa86b60a501bd3c34e767b7f

[2] OVS_USER_ID="openvswitch:hugetlbfs"

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1. Install baseline openvswitch2.11 package, start openvswitch.service
2. Check user:group settings for /var/log/openvswitch (openvswitch:hugetlbfs)
3. Update to newer openvswitch2.11 package (but do not restart service)
4. Check user:group settings for /var/log/openvswitch (openvswitch:openvswitch)

Actual results:
Directory ownership is changed

Expected results:
Directory ownership is consistent and unchanged

Additional info:

Detailed test steps:

# Install baseline packages:
[root@netqe20 ~]# yum -y install http://download-node-02.eng.bos.redhat.com/brewroot/packages/openvswitch-selinux-extra-policy/1.0/28.el8fdp/noarch/openvswitch-selinux-extra-policy-1.0-28.el8fdp.noarch.rpm http://download-node-02.eng.bos.redhat.com/brewroot/packages/openvswitch2.11/2.11.3/86.el8fdp/x86_64/openvswitch2.11-2.11.3-86.el8fdp.x86_64.rpm
Updating Subscription Management repositories.
Unable to read consumer identity

This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.

Last metadata expiration check: 1 day, 2:45:19 ago on Wed 17 Nov 2021 10:48:11 AM EST.
openvswitch-selinux-extra-policy-1.0-28.el8fdp.noarch.rpm           1.8 MB/s |  15 kB     00:00    
openvswitch2.11-2.11.3-86.el8fdp.x86_64.rpm                          23 MB/s |  12 MB     00:00    
Dependencies resolved.
====================================================================================================
 Package                               Arch        Version                  Repository         Size
====================================================================================================
Installing:
 openvswitch-selinux-extra-policy      noarch      1.0-28.el8fdp            @commandline       15 k
 openvswitch2.11                       x86_64      2.11.3-86.el8fdp         @commandline       12 M

Transaction Summary
====================================================================================================
Install  2 Packages

Total size: 12 M
Installed size: 43 M
Downloading Packages:
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Preparing        :                                                                            1/1 
  Running scriptlet: openvswitch-selinux-extra-policy-1.0-28.el8fdp.noarch                      1/2 
  Installing       : openvswitch-selinux-extra-policy-1.0-28.el8fdp.noarch                      1/2 
  Running scriptlet: openvswitch-selinux-extra-policy-1.0-28.el8fdp.noarch                      1/2 
  Running scriptlet: openvswitch2.11-2.11.3-86.el8fdp.x86_64                                    2/2 
  Installing       : openvswitch2.11-2.11.3-86.el8fdp.x86_64                                    2/2 
  Running scriptlet: openvswitch2.11-2.11.3-86.el8fdp.x86_64                                    2/2 
  Running scriptlet: openvswitch-selinux-extra-policy-1.0-28.el8fdp.noarch                      2/2 
  Running scriptlet: openvswitch2.11-2.11.3-86.el8fdp.x86_64                                    2/2 
  Verifying        : openvswitch-selinux-extra-policy-1.0-28.el8fdp.noarch                      1/2 
  Verifying        : openvswitch2.11-2.11.3-86.el8fdp.x86_64                                    2/2 
Installed products updated.

Installed:
  openvswitch-selinux-extra-policy-1.0-28.el8fdp.noarch   openvswitch2.11-2.11.3-86.el8fdp.x86_64  

Complete!

# openvswitch.service not yet started:
[root@netqe9 ~]# systemctl status openvswitch
● openvswitch.service - Open vSwitch
   Loaded: loaded (/usr/lib/systemd/system/openvswitch.service; disabled; vendor preset: disabled)
   Active: inactive (dead)

Nov 18 10:43:12 netqe9.knqe.lab.eng.bos.redhat.com systemd[1]: Starting Open vSwitch...
Nov 18 10:43:12 netqe9.knqe.lab.eng.bos.redhat.com systemd[1]: Started Open vSwitch.
Nov 18 10:49:17 netqe9.knqe.lab.eng.bos.redhat.com systemd[1]: Stopping Open vSwitch...
Nov 18 10:49:18 netqe9.knqe.lab.eng.bos.redhat.com systemd[1]: Stopped Open vSwitch.
Nov 18 10:50:26 netqe9.knqe.lab.eng.bos.redhat.com systemd[1]: Starting Open vSwitch...
Nov 18 10:50:26 netqe9.knqe.lab.eng.bos.redhat.com systemd[1]: Started Open vSwitch.
Nov 18 10:53:33 netqe9.knqe.lab.eng.bos.redhat.com systemd[1]: Stopping Open vSwitch...
Nov 18 10:53:33 netqe9.knqe.lab.eng.bos.redhat.com systemd[1]: Stopped Open vSwitch.

# Verify that default settings in /etc/sysconfig/openvswitch are openvswitch:hugetlbfs:
[root@netqe20 ~]# OVS_USER_ID_SETTING=$(grep OVS_USER_ID /etc/sysconfig/openvswitch | awk -F "=" '{print $NF}' | tr -d '"')
[root@netqe20 ~]# echo "OVS_USER_ID setting in /etc/sysconfig/openvswitch: $OVS_USER_ID_SETTING"
OVS_USER_ID setting in /etc/sysconfig/openvswitch: openvswitch:hugetlbfs

# Verify that user:group settings for /var/log/openvswitch are openvswitch:openvswitch before starting openvswitch.service:
[root@netqe20 ~]# USER=$(stat -c '%U' /var/log/openvswitch)
[root@netqe20 ~]# GROUP=$(stat -c '%G' /var/log/openvswitch)
[root@netqe20 ~]# echo $USER
openvswitch
[root@netqe20 ~]# echo $GROUP
openvswitch

# Start openvswitch.service:
[root@netqe20 ~]# systemctl enable openvswitch && systemctl start openvswitch
Created symlink /etc/systemd/system/multi-user.target.wants/openvswitch.service → /usr/lib/systemd/system/openvswitch.service.
[root@netqe20 ~]# OVS_PID=$(systemctl status openvswitch | grep 'Main PID' | awk '{print $3}')
[root@netqe20 ~]# echo $OVS_PID
68642

# Verify that user:group settings for /var/log/openvswitch are now openvswitch:hugetlbfs after starting openvswitch.service:
[root@netqe20 ~]# USER=$(stat -c '%U' /var/log/openvswitch)
[root@netqe20 ~]# GROUP=$(stat -c '%G' /var/log/openvswitch)
[root@netqe20 ~]# expected_user_id=$(echo $OVS_USER_ID_SETTING | awk -F":" '{print $1}')
[root@netqe20 ~]# expected_group_id=$(echo $OVS_USER_ID_SETTING | awk -F":" '{print $2}')
[root@netqe20 ~]# echo $expected_user_id
openvswitch
[root@netqe20 ~]# echo $expected_group_id
hugetlbfs
[root@netqe20 ~]# echo $USER
openvswitch
[root@netqe20 ~]# echo $GROUP
hugetlbfs

# Update openvswitch package:
[root@netqe20 ~]# rpm -q openvswitch2.11
openvswitch2.11-2.11.3-86.el8fdp.x86_64
[root@netqe20 ~]# yum -y update http://download-node-02.eng.bos.redhat.com/brewroot/packages/openvswitch2.11/2.11.3/96.el8fdp/x86_64/openvswitch2.11-2.11.3-96.el8fdp.x86_64.rpm
Updating Subscription Management repositories.
Unable to read consumer identity

This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.

Last metadata expiration check: 1 day, 2:51:48 ago on Wed 17 Nov 2021 10:48:11 AM EST.
openvswitch2.11-2.11.3-96.el8fdp.x86_64.rpm                          32 MB/s |  12 MB     00:00    
Dependencies resolved.
====================================================================================================
 Package                   Architecture     Version                    Repository              Size
====================================================================================================
Upgrading:
 openvswitch2.11           x86_64           2.11.3-96.el8fdp           @commandline            12 M

Transaction Summary
====================================================================================================
Upgrade  1 Package

Total size: 12 M
Downloading Packages:
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Preparing        :                                                                            1/1 
  Running scriptlet: openvswitch2.11-2.11.3-96.el8fdp.x86_64                                    1/1 
  Running scriptlet: openvswitch2.11-2.11.3-96.el8fdp.x86_64                                    1/2 
  Upgrading        : openvswitch2.11-2.11.3-96.el8fdp.x86_64                                    1/2 
  Running scriptlet: openvswitch2.11-2.11.3-96.el8fdp.x86_64                                    1/2 
  Running scriptlet: openvswitch2.11-2.11.3-86.el8fdp.x86_64                                    2/2 
  Cleanup          : openvswitch2.11-2.11.3-86.el8fdp.x86_64                                    2/2 
  Running scriptlet: openvswitch2.11-2.11.3-86.el8fdp.x86_64                                    2/2 
  Verifying        : openvswitch2.11-2.11.3-96.el8fdp.x86_64                                    1/2 
  Verifying        : openvswitch2.11-2.11.3-86.el8fdp.x86_64                                    2/2 
Installed products updated.

Upgraded:
  openvswitch2.11-2.11.3-96.el8fdp.x86_64                                                           

Complete!
[root@netqe20 ~]# rpm -q openvswitch2.11
openvswitch2.11-2.11.3-96.el8fdp.x86_64

# Verify that openvswitch.service has not restarted yet after package update (note PID is the same as above):
[root@netqe20 ~]# OVS_PID=$(systemctl status openvswitch | grep 'Main PID' | awk '{print $3}')
[root@netqe20 ~]# echo $OVS_PID
68642

# The user:group settings in /etc/sysconfig/openvswitch should still be openvswitch:hugetlbfs:
[root@netqe20 ~]# OVS_USER_ID_SETTING=$(grep OVS_USER_ID /etc/sysconfig/openvswitch | awk -F "=" '{print $NF}' | tr -d '"')
[root@netqe20 ~]# echo "OVS_USER_ID setting in /etc/sysconfig/openvswitch: $OVS_USER_ID_SETTING"
OVS_USER_ID setting in /etc/sysconfig/openvswitch: openvswitch:hugetlbfs
[root@netqe20 ~]# expected_user_id=$(echo $OVS_USER_ID_SETTING | awk -F":" '{print $1}')
[root@netqe20 ~]# expected_group_id=$(echo $OVS_USER_ID_SETTING | awk -F":" '{print $2}')
[root@netqe20 ~]# echo $expected_user_id
openvswitch
[root@netqe20 ~]# echo $expected_group_id
hugetlbfs

# Note that user:group settings for /var/log/openvswitch have unexpectedly changed to openvswitch:openvswitch
[root@netqe20 ~]# USER=$(stat -c '%U' /var/log/openvswitch)
[root@netqe20 ~]# GROUP=$(stat -c '%G' /var/log/openvswitch)
[root@netqe20 ~]# echo $USER
openvswitch
[root@netqe20 ~]# echo $GROUP
openvswitch
[root@netqe20 ~]#
Comment 1 OvS team 2022-04-21 18:20:17 UTC 
* Thu Apr 21 2022 Timothy Redaelli <tredaelli> - 2.11.3-94
- redhat: use hugetlbfs group for /var/log/openvswitch when dpdk is enabled [RH git: 132f9642d3] (#2024728)
    Resolves: #2024728