RDO tickets are now tracked in Jira https://issues.redhat.com/projects/RDO/issues/
Bug 966751 - service openvswitch status operation requires root permissions
Summary: service openvswitch status operation requires root permissions
Keywords:
Status: CLOSED DUPLICATE of bug 1148497
Alias: None
Product: RDO
Classification: Community
Component: openvswitch
Version: unspecified
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
: ---
Assignee: Flavio Leitner
QA Contact: Ofer Blaut
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2013-05-23 21:15 UTC by Steven Dake
Modified: 2016-04-26 22:56 UTC (History)
4 users (show)

Fixed In Version: openvswitch-2.0.1-1.el6
Clone Of:
Environment:
Last Closed: 2014-10-23 13:47:38 UTC
Embargoed:


Attachments (Terms of Use)

Description Steven Dake 2013-05-23 21:15:20 UTC
Description of problem:
The command "service openvswitch status" operation requires root permissions.  This operation should complete as a non-privileged user.

Version-Release number of selected component (if applicable):
openvswitch-1.10.0-1.el6.x86_64


How reproducible:
100%

Steps to Reproduce:
1. be logged in as a non-root user
2. run service openvswitch status
3.

Actual results:
[sdake@q1 utils]$ service openvswitch status
/usr/share/openvswitch/scripts/ovs-lib: line 49: /var/log/openvswitch/ovs-ctl.log: Permission denied
tee: /var/log/openvswitch/ovs-ctl.log: Permission denied
ovsdb-server is running with pid 1467
ovs-vswitchd is running with pid 1477
[sdake@q1 utils]$ echo $?
1

Expected results:
[sdake@q1 utils]$ service openvswitch status
ovsdb-server is running with pid 1467
ovs-vswitchd is running with pid 1477
[sdake@q1 utils]$ echo $?
0


Additional info:
openvswitch init script is able to determine that the ops-vswitchd and ovsdb-server processes are running, so there shouldn't be a need to run ovs-ctl.

Comment 1 Flavio Leitner 2014-02-27 02:24:17 UTC
The problem is that openvswitch logs all initscripts operations (start/stop/restart/status/...) to the ovs-vsctl.log which has no write permission for non-root users.

Since the "status" operation doesn't affect the service at all, I don't see much value in logging it. Therefore, I am proposing a patch upstream to change that.

http://patchwork.openvswitch.org/patch/3128/

Comment 2 Flavio Leitner 2014-02-27 12:57:15 UTC
Patch has been updated:
http://patchwork.openvswitch.org/patch/3133/

Comment 3 Flavio Leitner 2014-02-27 15:59:57 UTC
Patch accepted upstream:
http://git.openvswitch.org/cgi-bin/gitweb.cgi?p=openvswitch;a=commitdiff;h=691e47554dd03dd6492e00bab5bd6d215f5cbd4f

I will backport to our packages as the next step.

Comment 4 Flavio Leitner 2014-03-28 02:06:46 UTC
This is fixed in openvswitch-2.0.1-1.el6

Comment 5 Flavio Leitner 2014-10-23 13:47:38 UTC

*** This bug has been marked as a duplicate of bug 1148497 ***


Note You need to log in before you can comment on or make changes to this bug.