Re: [ovs-dev] [PATCH] rhel: Fix literal dollar sign usage in systemd service files
On Tue, Apr 17, 2018 at 11:18:26AM +0200, Eelco Chaudron wrote: > On 16/04/18 17:15, Timothy Redaelli wrote: > >Currently (at least on RHEL 7.5) openvswitch fails to start (with DPDK > >enabled) as non-root, since chown fails and "/dev/hugepages" group is not > >changed. > > > >Commit tested on Fedora 28 and RHEL 7.5, both as root as non-root user. > > > > From man 5 systemd.service: > > > > To pass a literal dollar sign, use "$$". Variables whose value is not > > known > > at expansion time are treated as empty strings. Note that the first > > argument > > (i.e. the program to execute) may not be a variable. > > > >CC: Aaron Conole> >Fixes: 4299145c1095 ("rhel: don't drop capabilities when running as root") > >Signed-off-by: Timothy Redaelli > > > Changes look good to me! > > Acked-by: Eelco Chaudron Thanks Timothy, Aaron, and Eelco. I applied this to master and branch-2.9. ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
Re: [ovs-dev] [PATCH] rhel: Fix literal dollar sign usage in systemd service files
Timothy Redaelliwrites: > Currently (at least on RHEL 7.5) openvswitch fails to start (with DPDK > enabled) as non-root, since chown fails and "/dev/hugepages" group is not > changed. > > Commit tested on Fedora 28 and RHEL 7.5, both as root as non-root user. > > From man 5 systemd.service: > > To pass a literal dollar sign, use "$$". Variables whose value is not known > at expansion time are treated as empty strings. Note that the first argument > (i.e. the program to execute) may not be a variable. > > CC: Aaron Conole > Fixes: 4299145c1095 ("rhel: don't drop capabilities when running as root") > Signed-off-by: Timothy Redaelli > --- Acked-by: Aaron Conole ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
Re: [ovs-dev] [PATCH] rhel: Fix literal dollar sign usage in systemd service files
On 16/04/18 17:15, Timothy Redaelli wrote: Currently (at least on RHEL 7.5) openvswitch fails to start (with DPDK enabled) as non-root, since chown fails and "/dev/hugepages" group is not changed. Commit tested on Fedora 28 and RHEL 7.5, both as root as non-root user. From man 5 systemd.service: To pass a literal dollar sign, use "$$". Variables whose value is not known at expansion time are treated as empty strings. Note that the first argument (i.e. the program to execute) may not be a variable. CC: Aaron ConoleFixes: 4299145c1095 ("rhel: don't drop capabilities when running as root") Signed-off-by: Timothy Redaelli Changes look good to me! Acked-by: Eelco Chaudron ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
[ovs-dev] [PATCH] rhel: Fix literal dollar sign usage in systemd service files
Currently (at least on RHEL 7.5) openvswitch fails to start (with DPDK enabled) as non-root, since chown fails and "/dev/hugepages" group is not changed. Commit tested on Fedora 28 and RHEL 7.5, both as root as non-root user. >From man 5 systemd.service: To pass a literal dollar sign, use "$$". Variables whose value is not known at expansion time are treated as empty strings. Note that the first argument (i.e. the program to execute) may not be a variable. CC: Aaron ConoleFixes: 4299145c1095 ("rhel: don't drop capabilities when running as root") Signed-off-by: Timothy Redaelli --- rhel/usr_lib_systemd_system_ovs-vswitchd.service.in | 2 +- rhel/usr_lib_systemd_system_ovsdb-server.service| 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/rhel/usr_lib_systemd_system_ovs-vswitchd.service.in b/rhel/usr_lib_systemd_system_ovs-vswitchd.service.in index 889740f1a..11b34c686 100644 --- a/rhel/usr_lib_systemd_system_ovs-vswitchd.service.in +++ b/rhel/usr_lib_systemd_system_ovs-vswitchd.service.in @@ -15,7 +15,7 @@ EnvironmentFile=/etc/openvswitch/default.conf EnvironmentFile=-/etc/sysconfig/openvswitch EnvironmentFile=-/run/openvswitch/useropts @begin_dpdk@ -ExecStartPre=-/bin/sh -c '/usr/bin/chown :${OVS_USER_ID##*:} /dev/hugepages' +ExecStartPre=-/bin/sh -c '/usr/bin/chown :$${OVS_USER_ID##*:} /dev/hugepages' ExecStartPre=-/usr/bin/chmod 0775 /dev/hugepages @end_dpdk@ ExecStart=/usr/share/openvswitch/scripts/ovs-ctl \ diff --git a/rhel/usr_lib_systemd_system_ovsdb-server.service b/rhel/usr_lib_systemd_system_ovsdb-server.service index e05742d87..0fa57a925 100644 --- a/rhel/usr_lib_systemd_system_ovsdb-server.service +++ b/rhel/usr_lib_systemd_system_ovsdb-server.service @@ -11,7 +11,7 @@ Restart=on-failure EnvironmentFile=/etc/openvswitch/default.conf EnvironmentFile=-/etc/sysconfig/openvswitch ExecStartPre=/usr/bin/chown ${OVS_USER_ID} /var/run/openvswitch -ExecStartPre=/bin/sh -c 'rm -f /run/openvswitch/useropts; if [ "${OVS_USER_ID/:*/}" != "root" ]; then /usr/bin/echo "OVSUSER=--ovs-user=${OVS_USER_ID}" > /run/openvswitch/useropts; fi' +ExecStartPre=/bin/sh -c 'rm -f /run/openvswitch/useropts; if [ "$${OVS_USER_ID/:*/}" != "root" ]; then /usr/bin/echo "OVSUSER=--ovs-user=${OVS_USER_ID}" > /run/openvswitch/useropts; fi' EnvironmentFile=-/run/openvswitch/useropts ExecStart=/usr/share/openvswitch/scripts/ovs-ctl \ --no-ovs-vswitchd --no-monitor --system-id=random \ -- 2.14.3 ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev