For '3' comment below: s/Regarding playbook-fedora-builder.yml in general, there is issue with playbook-fedora-builder.yml, assuming I use "as is"./ Regarding POC in general, there is an issue with POC for Fedora usage, assuming I use "as is"./
On Mon, Apr 15, 2019 at 11:21 PM Darrell Ball <[email protected]> wrote: > Thanks for the fix > > 1/ Main changes to openvswitch-fedora.spec.in look ok to me, but we > should probably also see if there is any specific use > case concerns from others. > > 2/ Couple comments inline > > 3/ Regarding playbook-fedora-builder.yml in general, there is issue with > playbook-fedora-builder.yml, assuming I use "as is". > > > dball@ubuntu:~/ovs/poc/builders$ sudo vagrant up > DEPRECATION: The 'sudo' option for the Ansible provisioner is deprecated. > Please use the 'become' option instead. > The 'sudo' option will be removed in a future release of Vagrant. > > Bringing machine 'fedorabuilder' up with 'virtualbox' provider... > ==> fedorabuilder: Box 'fedora/27-cloud-base' could not be found. > Attempting to find and install... > fedorabuilder: Box Provider: virtualbox > fedorabuilder: Box Version: >= 0 > ==> fedorabuilder: Loading metadata for box 'fedora/27-cloud-base' > fedorabuilder: URL: https://vagrantcloud.com/fedora/27-cloud-base > ==> fedorabuilder: Adding box 'fedora/27-cloud-base' (v20171105) for > provider: virtualbox > fedorabuilder: Downloading: > https://vagrantcloud.com/fedora/boxes/27-cloud-base/versions/20171105/providers/virtualbox.box > fedorabuilder: Download redirected to host: download.fedoraproject.org > An error occurred while downloading the remote file. The error > message, if any, is reproduced below. Please fix this error and try > again. > > The requested URL returned error: 404 Not Found > > On Mon, Apr 15, 2019 at 6:26 PM Ansis Atteka <[email protected]> wrote: > >> Otherwise, Open vSwitch will fail to start with the following >> error "libcap-ng is not configured at compile time" when it >> attempts to downgrade to Open vSwitch user. >> >> Also, if packages were built in a way where processes are >> supposed to be running only as root, then there is no point >> in creating "openvswitch" user in the first place. >> >> Signed-off-by: Ansis Atteka <[email protected]> >> --- >> poc/playbook-fedora-builder.yml | 6 +++--- >> rhel/openvswitch-fedora.spec.in | 8 ++++++++ >> 2 files changed, 11 insertions(+), 3 deletions(-) >> >> diff --git a/poc/playbook-fedora-builder.yml >> b/poc/playbook-fedora-builder.yml >> index 70f0b6ff2..b955714fc 100644 >> --- a/poc/playbook-fedora-builder.yml >> +++ b/poc/playbook-fedora-builder.yml >> @@ -99,17 +99,17 @@ >> - openvswitch-dkms.spec >> >> - name: Build Open vSwitch user space rpms >> - command: rpmbuild -bb --without check rhel/openvswitch-fedora.spec >> + command: rpmbuild -bb --without check --without libcapng >> rhel/openvswitch-fedora.spec >> args: >> chdir: "{{SOURCE}}/openvswitch-{{version.stdout}}" >> >> - name: Build Open vSwitch kmod rpm >> - command: rpmbuild -bb --without check rhel/openvswitch-fedora.spec >> + command: rpmbuild -bb --without check --without libcapng >> rhel/openvswitch-fedora.spec >> > > Is the correct spec file openvswitch-kmod-fedora.spec ? > Hence, do we need a change here ? > > >> args: >> chdir: "{{SOURCE}}/openvswitch-{{version.stdout}}" >> >> - name: Build Open vSwitch dkms rpm >> - command: rpmbuild -bb --without check rhel/openvswitch-dkms.spec >> + command: rpmbuild -bb --without check --without libcapng >> rhel/openvswitch-dkms.spec >> > > Do you need this line changed ? > > > >> args: >> chdir: "{{SOURCE}}/openvswitch-{{version.stdout}}" >> >> diff --git a/rhel/openvswitch-fedora.spec.in b/rhel/ >> openvswitch-fedora.spec.in >> index c1cd3f4c6..ce728b4f0 100644 >> --- a/rhel/openvswitch-fedora.spec.in >> +++ b/rhel/openvswitch-fedora.spec.in >> @@ -350,6 +350,7 @@ rm -rf $RPM_BUILD_ROOT >> %endif >> >> %pre >> +%if %{with libcapng} >> getent group openvswitch >/dev/null || groupadd -r openvswitch >> getent passwd openvswitch >/dev/null || \ >> useradd -r -g openvswitch -d / -s /sbin/nologin \ >> @@ -359,9 +360,11 @@ getent passwd openvswitch >/dev/null || \ >> getent group hugetlbfs >/dev/null || groupadd -r hugetlbfs >> usermod -a -G hugetlbfs openvswitch >> %endif >> +%endif >> exit 0 >> >> %post >> +%if %{with libcapng} >> if [ $1 -eq 1 ]; then >> sed -i 's:^#OVS_USER_ID=:OVS_USER_ID=:' /etc/sysconfig/openvswitch >> sed -i 's:\(.*su\).*:\1 openvswitch openvswitch:' >> %{_sysconfdir}/logrotate.d/openvswitch >> @@ -376,6 +379,7 @@ if [ $1 -eq 1 ]; then >> chown -R openvswitch:openvswitch /etc/openvswitch >> chown -R openvswitch:openvswitch /var/log/openvswitch >> fi >> +%endif >> >> %if 0%{?systemd_post:1} >> %systemd_post %{name}.service >> @@ -445,7 +449,11 @@ fi >> %endif >> >> %files >> +%if %{with libcapng} >> %defattr(-,openvswitch,openvswitch) >> +%else >> +%defattr(-,root,root) >> +%endif >> %dir %{_sysconfdir}/openvswitch >> %{_sysconfdir}/openvswitch/default.conf >> %config %ghost %{_sysconfdir}/openvswitch/conf.db >> -- >> 2.14.1 >> >> _______________________________________________ >> dev mailing list >> [email protected] >> https://mail.openvswitch.org/mailman/listinfo/ovs-dev >> > _______________________________________________ dev mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-dev
