On Fri, Jul 08, 2016 at 07:08:05PM +0200, Andrea Bolognani wrote: > On Thu, 2016-07-07 at 17:41 +0200, Jaroslav Suchanek wrote: > > Follow the same logic for adding qemu user also for kvm and qemu groups. As > > is described in https://fedoraproject.org/wiki/Packaging:UsersAndGroups > > document there should be preallocated UIDs and GIDs for libvirt. A check for > > required group id was added prior groupadd execution. > > > > Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1351792 > > --- > > libvirt.spec.in | 16 ++++++++++++++-- > > 1 file changed, 14 insertions(+), 2 deletions(-) > > > > diff --git a/libvirt.spec.in b/libvirt.spec.in > > index 2b98836..3dc3193 100644 > > --- a/libvirt.spec.in > > +++ b/libvirt.spec.in > > @@ -1464,8 +1464,20 @@ fi > > # We want soft static allocation of well-known ids, as disk images > > # are commonly shared across NFS mounts by id rather than name; see > > # https://fedoraproject.org/wiki/Packaging:UsersAndGroups > > -getent group kvm >/dev/null || groupadd -f -g 36 -r kvm > > -getent group qemu >/dev/null || groupadd -f -g 107 -r qemu > > +if ! getent group kvm >/dev/null; then > > + if ! getent group 36 >/dev/null; then > > + groupadd -f -g 36 -r kvm > > + else > > + groupadd -f -r kvm > > + fi > > +fi > > +if ! getent group qemu >/dev/null; then > > + if ! getent group 107 >/dev/null; then > > + groupadd -f -g 107 -r qemu > > + else > > + groupadd -f -r qemu > > + fi > > +fi > > if ! getent passwd qemu >/dev/null; then > > if ! getent passwd 107 >/dev/null; then > > useradd -r -u 107 -g qemu -G kvm -d / -s /sbin/nologin -c "qemu user" qemu > > There's no need to do that, as groupadd's -f flag already > does what you want in this situation: > > When used with -g, and the specified GID already exists, > another (unique) GID is chosen > > The commit that fixed the allocation issue is > > commit a2584d58f6f7d941b960f996c8e26df8294b79b9 > Author: Eric Blake <eblake@xxxxxxxxxx> > Date: Wed May 1 14:28:43 2013 -0600 > > spec: proper soft static allocation of qemu uid > > https://bugzilla.redhat.com/show_bug.cgi?id=924501 tracks a > problem that occurs if uid 107 is already in use at the time > libvirt is first installed. In response that problem, Fedora > packaging guidelines were recently updated. This fixes the > spec file to comply with the new guidelines: > https://fedoraproject.org/wiki/Packaging:UsersAndGroups > > * libvirt.spec.in (daemon): Follow updated Fedora guidelines. > > Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> > > v1.0.5-35-ga2584d5 > > which has been backported to the v0.10.2-maint branch as > well. So downstream just need to pick up that commit :) > > NACK Argh, my bad. Thanks Andrea for your precise review... ;) J. -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list