From 933defe9f00c7f31309495998f0c1b0dbe5b26f6373a4a8a4f656f3067ea7eb0 Mon Sep 17 00:00:00 2001
From: Marcus Meissner <meissner@suse.com>
Date: Mon, 22 Jun 2020 11:21:05 +0000
Subject: [PATCH] Accepting request 814738 from home:jaicaa:branches:network

- Fix preserving old default OVS_USER_ID for users that removed the
  override at /etc/sysconfig/openvswitch or for users affected by
  fillup bug below (bsc#1172861).
- Add patch to workaround a possible fillup issue that could cause
  existing openvswitch configuration to be unintendedly altered during
  upgrades (bsc#1172929).
  * 0001-Use-double-hash-for-OVS_USER_ID-comment.patch

OBS-URL: https://build.opensuse.org/request/show/814738
OBS-URL: https://build.opensuse.org/package/show/network/openvswitch?expand=0&rev=201
---
 ...-double-hash-for-OVS_USER_ID-comment.patch | 22 +++++++++
 openvswitch.changes                           | 11 +++++
 openvswitch.spec                              | 45 ++++++++++++++++---
 3 files changed, 71 insertions(+), 7 deletions(-)
 create mode 100644 0001-Use-double-hash-for-OVS_USER_ID-comment.patch

diff --git a/0001-Use-double-hash-for-OVS_USER_ID-comment.patch b/0001-Use-double-hash-for-OVS_USER_ID-comment.patch
new file mode 100644
index 0000000..3d546c6
--- /dev/null
+++ b/0001-Use-double-hash-for-OVS_USER_ID-comment.patch
@@ -0,0 +1,22 @@
+From e007ba2d276530db6aa8a242b069f356395cd8e5 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Jaime=20Caama=C3=B1o=20Ruiz?= <jcaamano@suse.com>
+Date: Mon, 15 Jun 2020 15:15:53 +0200
+Subject: [PATCH] Use double hash for OVS_USER_ID comment
+
+---
+ rhel/usr_share_openvswitch_scripts_systemd_sysconfig.template | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/rhel/usr_share_openvswitch_scripts_systemd_sysconfig.template b/rhel/usr_share_openvswitch_scripts_systemd_sysconfig.template
+index c467d02db..10b841679 100644
+--- a/rhel/usr_share_openvswitch_scripts_systemd_sysconfig.template
++++ b/rhel/usr_share_openvswitch_scripts_systemd_sysconfig.template
+@@ -28,4 +28,4 @@
+ OPTIONS=""
+ 
+ # Uncomment and set the OVS User/Group value
+-#OVS_USER_ID="openvswitch:openvswitch"
++## OVS_USER_ID="openvswitch:openvswitch"
+-- 
+2.26.1
+
diff --git a/openvswitch.changes b/openvswitch.changes
index 65c5d2c..c9d6359 100644
--- a/openvswitch.changes
+++ b/openvswitch.changes
@@ -1,3 +1,14 @@
+-------------------------------------------------------------------
+Mon Jun 15 13:21:22 UTC 2020 - Jaime Caamaño Ruiz <jcaamano@suse.com>
+
+- Fix preserving old default OVS_USER_ID for users that removed the
+  override at /etc/sysconfig/openvswitch or for users affected by
+  fillup bug below (bsc#1172861).
+- Add patch to workaround a possible fillup issue that could cause
+  existing openvswitch configuration to be unintendedly altered during
+  upgrades (bsc#1172929).
+  * 0001-Use-double-hash-for-OVS_USER_ID-comment.patch
+
 -------------------------------------------------------------------
 Wed Jun  3 14:53:21 UTC 2020 - Jaime Caamaño Ruiz <jcaamano@suse.com>
 
diff --git a/openvswitch.spec b/openvswitch.spec
index 1aebb5e..438774d 100644
--- a/openvswitch.spec
+++ b/openvswitch.spec
@@ -68,6 +68,8 @@ Patch1:         0001-Run-openvswitch-as-openvswitch-openvswitch.patch
 Patch2:         0001-Don-t-change-permissions-of-dev-hugepages.patch
 # PATCH-FIX-UPSTREAM: 0001-rhel-Fix-reload-of-OVS_USER_ID-on-startup.patch
 Patch3:         0001-rhel-Fix-reload-of-OVS_USER_ID-on-startup.patch
+# PATCH-FIX-OPENSUSE: 0001-Use-double-hash-for-OVS_USER_ID-comment.patch
+Patch4:         0001-Use-double-hash-for-OVS_USER_ID-comment.patch
 #OVN patches
 # PATCH-FIX-OPENSUSE: 0001-Run-ovn-as-openvswitch-openvswitch.patch
 Patch20:        0001-Run-ovn-as-openvswitch-openvswitch.patch
@@ -387,6 +389,7 @@ Devel libraries and headers for Open Virtual Network.
 %patch1 -p1
 %patch2 -p1
 %patch3 -p1
+%patch4 -p1
 cd %{ovn_dir}
 %patch20 -p1
 
@@ -825,19 +828,47 @@ if [ -e %{rpmstate}openvswitch ]; then
     systemctl enable openvswitch.service
 fi
 
+ovsdbdir_regex="^[[:space:]]*OVS_DBDIR[[:space:]]*="
+ovsuserid_regex="^[[:space:]]*OVS_USER_ID[[:space:]]*="
+ovsvar_valueregex="[^=]*=[[:space:]]*["'"'"']{0,1}([^"'"'"']*)["'"'"']{0,1}[[:space:]]*$"
+conf="%{_sysconfdir}/sysconfig/openvswitch"
+ovsdbdir=$(grep -E "${ovsdbdir_regex}" "${conf}" | tail -1 | sed -E --posix 's|'"${ovsvar_valueregex}"'|\1|')
+ovsuserid=$(grep -E "${ovsuserid_regex}" "${conf}" | tail -1 | sed -E --posix 's|'"${ovsvar_valueregex}"'|\1|')
+
 # Default DB path changed from /etc/openvswitch to /var/lib/openvswitch.
 # But try to keep the old path for upgraded users already making use of it.
-ovsdbpid=$(systemctl is-active --quiet ovsdb-server && systemctl show -p MainPID --value ovsdb-server || echo 0)
-if [ $ovsdbpid -gt 0 ] && [ -n "$(find /proc/$ovsdbpid/fd/ -type l -lname '%{_sysconfdir}/openvswitch/conf.db')" ]; then
-    # We have ovsdb-server pid from the unit file with DB open at the old path.
-    # If we did not override OVS_DBDIR already, do it.
-    if ! grep -qE "^OVS_DBDIR=" %{_sysconfdir}/sysconfig/openvswitch; then
-        sed -i -e '1{r /dev/stdin' -e 'N}' %{_sysconfdir}/sysconfig/openvswitch << EOF
+if [ -z "$ovsdbdir" ]; then
+    ovsdbpid=$(systemctl is-active --quiet ovsdb-server && systemctl show -p MainPID --value ovsdb-server || echo 0)
+    if [ $ovsdbpid -gt 0 ] && [ -n "$(find /proc/$ovsdbpid/fd/ -type l -lname '%{_sysconfdir}/openvswitch/conf.db')" ]; then
+        # We have ovsdb-server pid from the unit file with DB open at the old path.
+        ovsdbdir="%{_sysconfdir}/openvswitch"
+        sed -i -e '1{r /dev/stdin' -e 'N}' "%{_sysconfdir}/sysconfig/openvswitch" << EOF
+
 # OVS_DBDIR was automatically inserted here on openvswitch package upgrade to
 # preserve the currently used /etc/openvswitch as the database directory.
 # Note that new installs use /var/lib/openvswitch as the default database
 # directory by omission.
-OVS_DBDIR=%{_sysconfdir}/openvswitch
+OVS_DBDIR="%{_sysconfdir}/openvswitch"
+
+EOF
+    fi
+fi
+
+# Default OVS user changed from root:root to openvswitch:openvswitch.
+# But try to keep root:root for upgraded users already making use of it.
+# Use .conf.db.~lock~ instead of conf.db as conf.db might have been moved
+# to a backup on a previous run attempt.
+if [ -z "$ovsuserid" -a -n "$ovsdbdir" -a -f "$ovsdbdir/.conf.db.~lock~" ]; then
+    ovsuserid=$(stat -c "%U:%G" "$ovsdbdir/.conf.db.~lock~")
+    if [ "$ovsuserid" = "root:root" ]; then
+        sed -i -e '1{r /dev/stdin' -e 'N}' "%{_sysconfdir}/sysconfig/openvswitch" << EOF
+
+# OVS_USER_ID was automatically inserted here on openvswitch package upgrade to
+# preserve the currently used root:root as the openvswitch running credentials.
+# Note that new installs use openvswitch:openvswitch as the default openvswitch
+# running credentials by omission.
+OVS_USER_ID="root:root"
+
 EOF
     fi
 fi