Bug ID | 1140835 |
---|---|
Summary | openvswitch systemd service ovs-vswitchd changes permissions of /dev/hugepages which interferes with other system components |
Classification | openSUSE |
Product | openSUSE Distribution |
Version | Leap 15.1 |
Hardware | Other |
OS | Other |
Status | NEW |
Severity | Normal |
Priority | P5 - None |
Component | Other |
Assignee | jcaamano@suse.com |
Reporter | okurz@suse.com |
QA Contact | qa-bugs@suse.de |
CC | mchandras@suse.com |
Found By | --- |
Blocker | --- |
## Observation On an openSUSE Leap 15.1 aarch64 system we use /dev/hugepages for qemu. This worked fine until we installed the openvswitch package as the systemd service "ovs-vswitchd.service" changes the permission of /dev/hugepages so that another user can not write into the directory anymore. I found the according lines with: ``` $ find /usr/lib/systemd/ -name '*.service' | xargs grep hugepages /usr/lib/systemd/system/ovs-vswitchd.service:ExecStartPre=-/bin/sh -c '/usr/bin/chown :$${OVS_USER_ID##*:} /dev/hugepages' /usr/lib/systemd/system/ovs-vswitchd.service:ExecStartPre=-/usr/bin/chmod 0775 /dev/hugepages ``` I found the upstream commit that introduced that: https://github.com/openvswitch/ovs/commit/e3e738a3d0580a9a7178adfc9300a193b8df4ae5#diff-d9846707ff4b611f2ef841607aee9861R18 with the funny text "This change may be a bit controversial since it modifies /dev/hugepages as part of starting the ovs-vswitchd to set a hugetlbfs group ownership." -> Yes, it is controversial ;) ## Suggestion I doubt it is a good idea if an individual package takes ownership of a generic device folder and changes permissions on its own. ## Workaround For now to make the machine usable as an openQA instance again we applied a workaround with a custom override systemd service which resets permissions after the execution of the `osv-vswitchd.service` service.