This is a multi-part message in MIME format.
--------------010107080201000308010704
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
On 11/25/2013 01:38 PM, Gianluca Cecchi wrote:
On Mon, Nov 25, 2013 at 1:12 PM, Vinzenz Feenstra wrote:
> On 11/25/2013 01:09 PM, Vinzenz Feenstra wrote:
>> On 11/25/2013 12:54 PM, Patrick Hurrelmann wrote:
>>> If you had rhev-guest-agent installed before, then manually remove the
>>> user rhevagent and group rhevagent before installing ovirt-guest-agent.
>>> the ovirt-guest-agent reuses the same uid and gid, but fails to add them
>>> upon install when the rhev user and group is still existing.
>> Ah yeah that explains it. Well I am not sure if the workaround for this is
>> appropriate in the rpm.
>> I think that should be fixed on the system, it's not really expected that
>> someone would be 'upgrading' from the rhev-agent
> "it's not really expected that someone would be 'upgrading' from
the
> rhev-agent" to the ovirt-guest-agent.
>
>>> Regards
>>> Patrick
>>>
Patrick was right
Having before installed and then removed rhev-agent to test
ovirt-agent I still had:
passwd
rhevagent:x:175:175:RHEV Agent:/:/sbin/nologin
ovirtagent:x:175:175:oVirt Guest Agent:/:/sbin/nologin
group
rhevagent:x:175:
So after removing ovirt-guest-agent and
userdel ovirtagent
groupdel rhevagent
verified no more entries and reinstalled ovirt-guest-agent, now only
passwd
ovirtagent:x:175:175:oVirt Guest Agent:/:/sbin/nologin
group
ovirtagent:x:175:
[root@c510 ~]# service ovirt-guest-agent start
Starting ovirt-guest-agent: [ OK ]
[root@c510 ~]# service ovirt-guest-agent status
ovirt-guest-agent (pid 3527) is running...
Only entry in log file:
MainThread::INFO::2013-11-25
13:30:29,676::ovirt-guest-agent::37::root::Starting oVirt guest agent
and I'm able to see again IP, installed applications, ecc for the VM
So the rpm itself seems ok.
Eventually it could be useful to verify no rhev-agent package exist
and no other user/group with same id.
Should it considered a standard way of proceeding to delete user group
or not in general?
Because in this case as a post-uninstall step could be safe to remove them.
Usually
you don't remove groups and users in rpms. It's actually
mentioned in the Fedora Packaging guidelines:
https://fedoraproject.org/wiki/Packaging:UsersAndGroups#Allocation_Strate...
Quote:
* Do not remove users or groups*
**We never remove users or groups created by packages. There's no sane
way to check if files owned by those users/groups are left behind (and
even if there would, what would we do with them?) and leaving those
behind with ownerships **pointing to now nonexistent users/groups may
result in security issues when a semantically unrelated user/group is
created later and reuses the UID/GID. Also, in some setups deleting the
user/group might not be possible or/nor desirable **(eg. when using a
shared, remote user/group database). Cleanup of unused users/groups is
left to the system administrators to take care of if they so desire.
Thanks,
Gianluca
--
Regards,
Vinzenz Feenstra | Senior Software Engineer
RedHat Engineering Virtualization R & D
Phone: +420 532 294 625
IRC: vfeenstr or evilissimo
Better technology. Faster innovation. Powered by community collaboration.
See how it works at
redhat.com
--------------010107080201000308010704
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: 8bit
<html>
<head>
<meta content="text/html; charset=UTF-8"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">On 11/25/2013 01:38 PM, Gianluca Cecchi
wrote:<br>
</div>
<blockquote
cite="mid:CAG2kNCwPh9K8oOYrEu5BruUjh6Lv28f6eHz20BPRTf7gsrE7Hw@mail.gmail.com"
type="cite">
<pre wrap="">On Mon, Nov 25, 2013 at 1:12 PM, Vinzenz Feenstra
wrote:
</pre>
<blockquote type="cite">
<pre wrap="">On 11/25/2013 01:09 PM, Vinzenz Feenstra wrote:
</pre>
<blockquote type="cite">
<pre wrap="">
On 11/25/2013 12:54 PM, Patrick Hurrelmann wrote:
</pre>
</blockquote>
</blockquote>
<pre wrap="">
</pre>
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<pre wrap="">
If you had rhev-guest-agent installed before, then manually remove the
user rhevagent and group rhevagent before installing ovirt-guest-agent.
the ovirt-guest-agent reuses the same uid and gid, but fails to add them
upon install when the rhev user and group is still existing.
</pre>
</blockquote>
<pre wrap="">
Ah yeah that explains it. Well I am not sure if the workaround for this is
appropriate in the rpm.
I think that should be fixed on the system, it's not really expected that
someone would be 'upgrading' from the rhev-agent
</pre>
</blockquote>
<pre wrap="">
"it's not really expected that someone would be 'upgrading' from the
rhev-agent" to the ovirt-guest-agent.
</pre>
<blockquote type="cite">
<blockquote type="cite">
<pre wrap="">
Regards
Patrick
</pre>
</blockquote>
</blockquote>
</blockquote>
<pre wrap="">
Patrick was right
Having before installed and then removed rhev-agent to test
ovirt-agent I still had:
passwd
rhevagent:x:175:175:RHEV Agent:/:/sbin/nologin
ovirtagent:x:175:175:oVirt Guest Agent:/:/sbin/nologin
group
rhevagent:x:175:
So after removing ovirt-guest-agent and
userdel ovirtagent
groupdel rhevagent
verified no more entries and reinstalled ovirt-guest-agent, now only
passwd
ovirtagent:x:175:175:oVirt Guest Agent:/:/sbin/nologin
group
ovirtagent:x:175:
[root@c510 ~]# service ovirt-guest-agent start
Starting ovirt-guest-agent: [ OK ]
[root@c510 ~]# service ovirt-guest-agent status
ovirt-guest-agent (pid 3527) is running...
Only entry in log file:
MainThread::<a class="moz-txt-link-freetext"
href="INFO::2013-11-25">INFO::2013-11-25</a>
13:30:29,676::ovirt-guest-agent::37::root::Starting oVirt guest agent
and I'm able to see again IP, installed applications, ecc for the VM
So the rpm itself seems ok.
Eventually it could be useful to verify no rhev-agent package exist
and no other user/group with same id.
Should it considered a standard way of proceeding to delete user group
or not in general?
Because in this case as a post-uninstall step could be safe to remove them.</pre>
</blockquote>
Usually you don't remove groups and users in rpms. It's actually
mentioned in the Fedora Packaging guidelines:
<a class="moz-txt-link-freetext"
href="https://fedoraproject.org/wiki/Packaging:UsersAndGroups#Alloca...
<br>
Quote:<br>
<b> Do not remove users or groups</b><br>
<b> </b>We never remove users or groups created by packages.
There's no sane way to check if files owned by those users/groups
are left behind (and even if there would, what would we do with
them?) and leaving those behind with ownerships <b> </b>pointing
to now nonexistent users/groups may result in security issues when a
semantically unrelated user/group is created later and reuses the
UID/GID. Also, in some setups deleting the user/group might not be
possible or/nor desirable <b> </b>(eg. when using a shared,
remote user/group database). Cleanup of unused users/groups is left
to the system administrators to take care of if they so desire.<br>
<blockquote
cite="mid:CAG2kNCwPh9K8oOYrEu5BruUjh6Lv28f6eHz20BPRTf7gsrE7Hw@mail.gmail.com"
type="cite">
<pre wrap="">
Thanks,
Gianluca
</pre>
</blockquote>
<br>
<br>
<pre class="moz-signature" cols="72">--
Regards,
Vinzenz Feenstra | Senior Software Engineer
RedHat Engineering Virtualization R & D
Phone: +420 532 294 625
IRC: vfeenstr or evilissimo
Better technology. Faster innovation. Powered by community collaboration.
See how it works at redhat.com</pre>
</body>
</html>
--------------010107080201000308010704--