ovn-ctl: Use the current user for default file permissions.

The ovn-ctl utility was assuming that the user/group is always root, when not specified otherwise by the --ovn-user/--ovn-group options. This has the consequence of trying to change permissions of OVN directories to root:root even though the script might be run as completely different user. Take the current user and group instead of the hardcoded root. At the same time remove the ovs-user option as it was not used for anything and might be confusing. Reported-at: https://issues.redhat.com/browse/FDP-245 Signed-off-by: Ales Musil <amusil@redhat.com> Acked-by: Mark Michelson <mmichels@redhat.com> Signed-off-by: Numan Siddique <numans@ovn.org>
ovn-org · Apr 5, 2024 · 87d0c9e · 87d0c9e
1 parent 762ae66
commit 87d0c9e
Show file tree

Hide file tree

Showing 3 changed files with 4 additions and 6 deletions.
diff --git a/utilities/ovn-ctl b/utilities/ovn-ctl
@@ -269,8 +269,8 @@ $cluster_remote_port
     # Set the owner of the ovn_dbdir (with -R option) to OVN_USER if set.
     # This is required because the ovndbs are created with root permission
     # if not present when create_cluster/upgrade_db is called.
-    INSTALL_USER="root"
-    INSTALL_GROUP="root"
+    INSTALL_USER="$(id -un)"
+    INSTALL_GROUP="$(id -gn)"
     [ "$OVN_USER" != "" ] && INSTALL_USER="${OVN_USER%:*}"
     [ "${OVN_USER##*:}" != "" ] && INSTALL_GROUP="${OVN_USER##*:}"
 
@@ -1088,7 +1088,6 @@ Options:
   --ovn-ic-sb-db-ssl-protocols=PROTOCOLS OVN IC Southbound DB SSL protocols
   --ovn-ic-sb-db-ssl-ciphers=CIPHERS OVN IC Southbound DB SSL cipher list
   --ovn-user="user[:group]"      pass the --user flag to the ovn daemons
-  --ovs-user="user[:group]"      pass the --user flag to ovs daemons
   --ovsdb-nb-wrapper=WRAPPER     run with a wrapper like valgrind for debugging
   --ovsdb-sb-wrapper=WRAPPER     run with a wrapper like valgrind for debugging
   --ovsdb-disable-file-column-diff=no|yes

diff --git a/utilities/ovn-ctl.8.xml b/utilities/ovn-ctl.8.xml
@@ -70,7 +70,6 @@
     <p><code>--ovsdb-nb-wrapper=<var>WRAPPER</var></code></p>
     <p><code>--ovsdb-sb-wrapper=<var>WRAPPER</var></code></p>
     <p><code>--ovn-user=<var>USER:GROUP</var></code></p>
-    <p><code>--ovs-user=<var>USER:GROUP</var></code></p>
     <p><code>-h</code> | <code>--help</code></p>
 
     <h1>File location options</h1>

diff --git a/utilities/ovn-lib.in b/utilities/ovn-lib.in
@@ -48,8 +48,8 @@ LC_ALL=C; export LC_ALL
 ovn_install_dir () {
     DIR="$1"
     INSTALL_MODE="${2:-755}"
-    INSTALL_USER="root"
-    INSTALL_GROUP="root"
+    INSTALL_USER="$(id -un)"
+    INSTALL_GROUP="$(id -gn)"
     [ "$OVN_USER" != "" ] && INSTALL_USER="${OVN_USER%:*}"
     [ "${OVN_USER##*:}" != "" ] && INSTALL_GROUP="${OVN_USER##*:}"