[Users] Guest Agent

Vinzenz Feenstra vfeenstr at redhat.com
Mon Nov 25 12:44:25 UTC 2013 

On 11/25/2013 01:38 PM, Gianluca Cecchi wrote:
> On Mon, Nov 25, 2013 at 1:12 PM, Vinzenz Feenstra  wrote:
>> On 11/25/2013 01:09 PM, Vinzenz Feenstra wrote:
>>> On 11/25/2013 12:54 PM, Patrick Hurrelmann wrote:
>>>> If you had rhev-guest-agent installed before, then manually remove the
>>>> user rhevagent and group rhevagent before installing ovirt-guest-agent.
>>>> the ovirt-guest-agent reuses the same uid and gid, but fails to add them
>>>> upon install when the rhev user and group is still existing.
>>> Ah yeah that explains it. Well I am not sure if the workaround for this is
>>> appropriate in the rpm.
>>> I think that should be fixed on the system, it's not really expected that
>>> someone would be 'upgrading' from the rhev-agent
>> "it's not really expected that someone would be 'upgrading' from the
>> rhev-agent" to the ovirt-guest-agent.
>>
>>>> Regards
>>>> Patrick
>>>>
>
> Patrick was right
> Having before installed and then removed rhev-agent to test
> ovirt-agent I still had:
>
> passwd
> rhevagent:x:175:175:RHEV Agent:/:/sbin/nologin
> ovirtagent:x:175:175:oVirt Guest Agent:/:/sbin/nologin
>
> group
> rhevagent:x:175:
>
> So after removing ovirt-guest-agent and
> userdel ovirtagent
> groupdel rhevagent
>
> verified no more entries and reinstalled ovirt-guest-agent, now only
>
> passwd
> ovirtagent:x:175:175:oVirt Guest Agent:/:/sbin/nologin
>
> group
> ovirtagent:x:175:
>
>
> [root at c510 ~]# service ovirt-guest-agent start
> Starting ovirt-guest-agent:                                [  OK  ]
>
> [root at c510 ~]# service ovirt-guest-agent status
> ovirt-guest-agent (pid  3527) is running...
>
> Only entry in log file:
> MainThread::INFO::2013-11-25
> 13:30:29,676::ovirt-guest-agent::37::root::Starting oVirt guest agent
>
> and I'm able to see again IP, installed applications, ecc for the VM
> So the rpm itself seems ok.
> Eventually it could be useful to verify no rhev-agent package exist
> and no other user/group with same id.
> Should it considered a standard way of proceeding to delete user group
> or not in general?
> Because in this case as a post-uninstall step could be safe to remove them.
Usually you don't remove groups and users in rpms. It's actually 
mentioned in the Fedora Packaging guidelines: 
https://fedoraproject.org/wiki/Packaging:UsersAndGroups#Allocation_Strategies

Quote:
*    Do not remove users or groups*
**We never remove users or groups created by packages. There's no sane 
way to check if files owned by those users/groups are left behind (and 
even if there would, what would we do with them?) and leaving those 
behind with ownerships **pointing to now nonexistent users/groups may 
result in security issues when a semantically unrelated user/group is 
created later and reuses the UID/GID. Also, in some setups deleting the 
user/group might not be possible or/nor desirable **(eg. when using a 
shared, remote user/group database). Cleanup of unused users/groups is 
left to the system administrators to take care of if they so desire.
>
> Thanks,
> Gianluca


-- 
Regards,

Vinzenz Feenstra | Senior Software Engineer
RedHat Engineering Virtualization R & D
Phone: +420 532 294 625
IRC: vfeenstr or evilissimo

Better technology. Faster innovation. Powered by community collaboration.
See how it works at redhat.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20131125/56d9833f/attachment-0001.html>

More information about the Users mailing list