Description of problem: This issue has already been addressed via https://bugzilla.redhat.com/show_bug.cgi?id=2007292, https://bugzilla.redhat.com/show_bug.cgi?id=2007290, https://bugzilla.redhat.com/show_bug.cgi?id=2007292. Logging this BZ to track it for openvswitch2.11 (present on RHEL-7 and RHEL-8) in case it is decided that it should also be fixed there as well. Currently the /var/log/openvswitch directory is managed by the openvswitch package and it is owned by openvswitch:openvswitch initially. However /var/log/openvswitch is "chown"ed to openvswitch:hugetlbfs when ovsdb-server is started. This is because the following change[1] and definition of the OVS_USER_ID environment in /etc/sysconfing/openvswitch [2]. [1] https://github.com/openvswitch/ovs/commit/b096fa42ddc2ed69fa86b60a501bd3c34e767b7f [2] OVS_USER_ID="openvswitch:hugetlbfs" Version-Release number of selected component (if applicable): How reproducible: Always Steps to Reproduce: 1. Install baseline openvswitch2.11 package, start openvswitch.service 2. Check user:group settings for /var/log/openvswitch (openvswitch:hugetlbfs) 3. Update to newer openvswitch2.11 package (but do not restart service) 4. Check user:group settings for /var/log/openvswitch (openvswitch:openvswitch) Actual results: Directory ownership is changed Expected results: Directory ownership is consistent and unchanged Additional info: Detailed test steps: # Install baseline packages: [root@netqe20 ~]# yum -y install http://download-node-02.eng.bos.redhat.com/brewroot/packages/openvswitch-selinux-extra-policy/1.0/28.el8fdp/noarch/openvswitch-selinux-extra-policy-1.0-28.el8fdp.noarch.rpm http://download-node-02.eng.bos.redhat.com/brewroot/packages/openvswitch2.11/2.11.3/86.el8fdp/x86_64/openvswitch2.11-2.11.3-86.el8fdp.x86_64.rpm Updating Subscription Management repositories. Unable to read consumer identity This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register. Last metadata expiration check: 1 day, 2:45:19 ago on Wed 17 Nov 2021 10:48:11 AM EST. openvswitch-selinux-extra-policy-1.0-28.el8fdp.noarch.rpm 1.8 MB/s | 15 kB 00:00 openvswitch2.11-2.11.3-86.el8fdp.x86_64.rpm 23 MB/s | 12 MB 00:00 Dependencies resolved. ==================================================================================================== Package Arch Version Repository Size ==================================================================================================== Installing: openvswitch-selinux-extra-policy noarch 1.0-28.el8fdp @commandline 15 k openvswitch2.11 x86_64 2.11.3-86.el8fdp @commandline 12 M Transaction Summary ==================================================================================================== Install 2 Packages Total size: 12 M Installed size: 43 M Downloading Packages: Running transaction check Transaction check succeeded. Running transaction test Transaction test succeeded. Running transaction Preparing : 1/1 Running scriptlet: openvswitch-selinux-extra-policy-1.0-28.el8fdp.noarch 1/2 Installing : openvswitch-selinux-extra-policy-1.0-28.el8fdp.noarch 1/2 Running scriptlet: openvswitch-selinux-extra-policy-1.0-28.el8fdp.noarch 1/2 Running scriptlet: openvswitch2.11-2.11.3-86.el8fdp.x86_64 2/2 Installing : openvswitch2.11-2.11.3-86.el8fdp.x86_64 2/2 Running scriptlet: openvswitch2.11-2.11.3-86.el8fdp.x86_64 2/2 Running scriptlet: openvswitch-selinux-extra-policy-1.0-28.el8fdp.noarch 2/2 Running scriptlet: openvswitch2.11-2.11.3-86.el8fdp.x86_64 2/2 Verifying : openvswitch-selinux-extra-policy-1.0-28.el8fdp.noarch 1/2 Verifying : openvswitch2.11-2.11.3-86.el8fdp.x86_64 2/2 Installed products updated. Installed: openvswitch-selinux-extra-policy-1.0-28.el8fdp.noarch openvswitch2.11-2.11.3-86.el8fdp.x86_64 Complete! # openvswitch.service not yet started: [root@netqe9 ~]# systemctl status openvswitch ● openvswitch.service - Open vSwitch Loaded: loaded (/usr/lib/systemd/system/openvswitch.service; disabled; vendor preset: disabled) Active: inactive (dead) Nov 18 10:43:12 netqe9.knqe.lab.eng.bos.redhat.com systemd[1]: Starting Open vSwitch... Nov 18 10:43:12 netqe9.knqe.lab.eng.bos.redhat.com systemd[1]: Started Open vSwitch. Nov 18 10:49:17 netqe9.knqe.lab.eng.bos.redhat.com systemd[1]: Stopping Open vSwitch... Nov 18 10:49:18 netqe9.knqe.lab.eng.bos.redhat.com systemd[1]: Stopped Open vSwitch. Nov 18 10:50:26 netqe9.knqe.lab.eng.bos.redhat.com systemd[1]: Starting Open vSwitch... Nov 18 10:50:26 netqe9.knqe.lab.eng.bos.redhat.com systemd[1]: Started Open vSwitch. Nov 18 10:53:33 netqe9.knqe.lab.eng.bos.redhat.com systemd[1]: Stopping Open vSwitch... Nov 18 10:53:33 netqe9.knqe.lab.eng.bos.redhat.com systemd[1]: Stopped Open vSwitch. # Verify that default settings in /etc/sysconfig/openvswitch are openvswitch:hugetlbfs: [root@netqe20 ~]# OVS_USER_ID_SETTING=$(grep OVS_USER_ID /etc/sysconfig/openvswitch | awk -F "=" '{print $NF}' | tr -d '"') [root@netqe20 ~]# echo "OVS_USER_ID setting in /etc/sysconfig/openvswitch: $OVS_USER_ID_SETTING" OVS_USER_ID setting in /etc/sysconfig/openvswitch: openvswitch:hugetlbfs # Verify that user:group settings for /var/log/openvswitch are openvswitch:openvswitch before starting openvswitch.service: [root@netqe20 ~]# USER=$(stat -c '%U' /var/log/openvswitch) [root@netqe20 ~]# GROUP=$(stat -c '%G' /var/log/openvswitch) [root@netqe20 ~]# echo $USER openvswitch [root@netqe20 ~]# echo $GROUP openvswitch # Start openvswitch.service: [root@netqe20 ~]# systemctl enable openvswitch && systemctl start openvswitch Created symlink /etc/systemd/system/multi-user.target.wants/openvswitch.service → /usr/lib/systemd/system/openvswitch.service. [root@netqe20 ~]# OVS_PID=$(systemctl status openvswitch | grep 'Main PID' | awk '{print $3}') [root@netqe20 ~]# echo $OVS_PID 68642 # Verify that user:group settings for /var/log/openvswitch are now openvswitch:hugetlbfs after starting openvswitch.service: [root@netqe20 ~]# USER=$(stat -c '%U' /var/log/openvswitch) [root@netqe20 ~]# GROUP=$(stat -c '%G' /var/log/openvswitch) [root@netqe20 ~]# expected_user_id=$(echo $OVS_USER_ID_SETTING | awk -F":" '{print $1}') [root@netqe20 ~]# expected_group_id=$(echo $OVS_USER_ID_SETTING | awk -F":" '{print $2}') [root@netqe20 ~]# echo $expected_user_id openvswitch [root@netqe20 ~]# echo $expected_group_id hugetlbfs [root@netqe20 ~]# echo $USER openvswitch [root@netqe20 ~]# echo $GROUP hugetlbfs # Update openvswitch package: [root@netqe20 ~]# rpm -q openvswitch2.11 openvswitch2.11-2.11.3-86.el8fdp.x86_64 [root@netqe20 ~]# yum -y update http://download-node-02.eng.bos.redhat.com/brewroot/packages/openvswitch2.11/2.11.3/96.el8fdp/x86_64/openvswitch2.11-2.11.3-96.el8fdp.x86_64.rpm Updating Subscription Management repositories. Unable to read consumer identity This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register. Last metadata expiration check: 1 day, 2:51:48 ago on Wed 17 Nov 2021 10:48:11 AM EST. openvswitch2.11-2.11.3-96.el8fdp.x86_64.rpm 32 MB/s | 12 MB 00:00 Dependencies resolved. ==================================================================================================== Package Architecture Version Repository Size ==================================================================================================== Upgrading: openvswitch2.11 x86_64 2.11.3-96.el8fdp @commandline 12 M Transaction Summary ==================================================================================================== Upgrade 1 Package Total size: 12 M Downloading Packages: Running transaction check Transaction check succeeded. Running transaction test Transaction test succeeded. Running transaction Preparing : 1/1 Running scriptlet: openvswitch2.11-2.11.3-96.el8fdp.x86_64 1/1 Running scriptlet: openvswitch2.11-2.11.3-96.el8fdp.x86_64 1/2 Upgrading : openvswitch2.11-2.11.3-96.el8fdp.x86_64 1/2 Running scriptlet: openvswitch2.11-2.11.3-96.el8fdp.x86_64 1/2 Running scriptlet: openvswitch2.11-2.11.3-86.el8fdp.x86_64 2/2 Cleanup : openvswitch2.11-2.11.3-86.el8fdp.x86_64 2/2 Running scriptlet: openvswitch2.11-2.11.3-86.el8fdp.x86_64 2/2 Verifying : openvswitch2.11-2.11.3-96.el8fdp.x86_64 1/2 Verifying : openvswitch2.11-2.11.3-86.el8fdp.x86_64 2/2 Installed products updated. Upgraded: openvswitch2.11-2.11.3-96.el8fdp.x86_64 Complete! [root@netqe20 ~]# rpm -q openvswitch2.11 openvswitch2.11-2.11.3-96.el8fdp.x86_64 # Verify that openvswitch.service has not restarted yet after package update (note PID is the same as above): [root@netqe20 ~]# OVS_PID=$(systemctl status openvswitch | grep 'Main PID' | awk '{print $3}') [root@netqe20 ~]# echo $OVS_PID 68642 # The user:group settings in /etc/sysconfig/openvswitch should still be openvswitch:hugetlbfs: [root@netqe20 ~]# OVS_USER_ID_SETTING=$(grep OVS_USER_ID /etc/sysconfig/openvswitch | awk -F "=" '{print $NF}' | tr -d '"') [root@netqe20 ~]# echo "OVS_USER_ID setting in /etc/sysconfig/openvswitch: $OVS_USER_ID_SETTING" OVS_USER_ID setting in /etc/sysconfig/openvswitch: openvswitch:hugetlbfs [root@netqe20 ~]# expected_user_id=$(echo $OVS_USER_ID_SETTING | awk -F":" '{print $1}') [root@netqe20 ~]# expected_group_id=$(echo $OVS_USER_ID_SETTING | awk -F":" '{print $2}') [root@netqe20 ~]# echo $expected_user_id openvswitch [root@netqe20 ~]# echo $expected_group_id hugetlbfs # Note that user:group settings for /var/log/openvswitch have unexpectedly changed to openvswitch:openvswitch [root@netqe20 ~]# USER=$(stat -c '%U' /var/log/openvswitch) [root@netqe20 ~]# GROUP=$(stat -c '%G' /var/log/openvswitch) [root@netqe20 ~]# echo $USER openvswitch [root@netqe20 ~]# echo $GROUP openvswitch [root@netqe20 ~]#
* Thu Apr 21 2022 Timothy Redaelli <tredaelli> - 2.11.3-94 - redhat: use hugetlbfs group for /var/log/openvswitch when dpdk is enabled [RH git: 132f9642d3] (#2024728) Resolves: #2024728