ee8143d3f4
Description:
- Update OVS to version v3.1.0 and OVN to version v23.03.0
Actions:
- submit home:dpitchumani:branches:openSUSE:Factory/openvswitch => netowkr/openvswitch
Features:
- ovs-vswitchd now detects changes in CPU affinity and adjusts the number
of handler and revalidator threads if necessary.
- AF_XDP:
* Added support for building with libxdp and libbpf >= 0.7.
* Support for AF_XDP is now enabled by default if all dependencies are
available at the build time. Use --disable-afxdp to disable.
Use --enable-afxdp to fail the build if dependencies are not present.
- ovs-appctl:
* "ovs-appctl ofproto/trace" command can now display port names with the
"--names" option.
- OVSDB-IDL:
* Add the support to specify the persistent uuid for row insert in both
C and Python IDLs.
- Windows:
* Conntrack IPv6 fragment support.
- DPDK:
* Add support for DPDK 22.11.1.
- For the QoS max-rate and STP/RSTP path-cost configuration OVS now assumes
10 Gbps link speed by default in case the actual link speed cannot be
determined. Previously it was 10 Mbps. Values can still be overridden
by specifying 'max-rate' or '[r]stp-path-cost' accordingly.
- OpenFlow:
* New OpenFlow extension NXT_CT_FLUSH to flush connections matching
the specified fields.
- ovs-ctl:
* New option '--dump-hugepages' to include hugepages in core dumps. This
can assist with postmortem analysis involving DPDK, but may also produce
significantly larger core dump files.
- ovs-dpctl and 'ovs-appctl dpctl/' commands:
* 'flush-conntrack' is now capable of handling partial 5-tuple,
with additional optional parameter to specify the reply direction.
- ovs-ofctl:
* New command 'flush-conntrack' that accepts zone and 5-tuple (or partial
5-tuple) for both directions.
- Support for travis-ci.org based continuous integration builds has been
dropped.
- Userspace datapath:
* Add '-secs' argument to appctl 'dpif-netdev/pmd-rxq-show' to show
the pmd usage of an Rx queue over a configurable time period.
* Add new experimental PMD load based sleeping feature. PMD threads can
request to sleep up to a user configured 'pmd-maxsleep' value under
low load conditions.
-For more details, check
https://github.com/openvswitch/ovs/blob/v3.1.0/NEWS
-Includes secrity fix for CVE-2022-4338 (bsc#1206580) and CVE-2022-4337 (bsc#1206581)
- OVN package is not included as new version with API chnages are not yet released.
- Removed upstreamed patches,
* 0001-Replace-deprecated-var-run-with-run.patch
* openvswitch-CVE-2021-36980.patch
- Added ovsb tool install patch,
* install-ovsdb-tools.patch
OBS-URL: https://build.opensuse.org/request/show/1077608
OBS-URL: https://build.opensuse.org/package/show/network/openvswitch?expand=0&rev=238
36 lines
1.2 KiB
Diff
36 lines
1.2 KiB
Diff
From 4de3a6e6fc67125a900913598344881c0b0bed71 Mon Sep 17 00:00:00 2001
|
|
From: =?UTF-8?q?Jaime=20Caama=C3=B1o=20Ruiz?= <jcaamano@suse.com>
|
|
Date: Fri, 8 May 2020 11:15:57 +0200
|
|
Subject: [PATCH] Run openvswitch as openvswitch:openvswitch
|
|
|
|
Change default run configuration to unprivilieged user openvswitch and
|
|
group openvswitch. Expect any further customization from user in
|
|
sysconfig/openvswitch, including setting it back to privileged root:root
|
|
configuration.
|
|
|
|
Updated 2023-02-26 for version 3.1.0
|
|
|
|
diff --git a/rhel/etc_logrotate.d_openvswitch b/rhel/etc_logrotate.d_openvswitch
|
|
index c0f476744..fa6303873 100644
|
|
--- a/rhel/etc_logrotate.d_openvswitch
|
|
+++ b/rhel/etc_logrotate.d_openvswitch
|
|
@@ -6,7 +6,7 @@
|
|
# without warranty of any kind.
|
|
|
|
/var/log/openvswitch/*.log {
|
|
- su root root
|
|
+ su openvswitch openvswitch
|
|
daily
|
|
compress
|
|
sharedscripts
|
|
diff --git a/rhel/etc_openvswitch_default.conf b/rhel/etc_openvswitch_default.conf
|
|
index c74417db6..569ca95de 100644
|
|
--- a/rhel/etc_openvswitch_default.conf
|
|
+++ b/rhel/etc_openvswitch_default.conf
|
|
@@ -2,4 +2,4 @@
|
|
|
|
# The following is the *default* configuration for the openvswitch user ID.
|
|
# This is for backward compatibility.
|
|
-OVS_USER_ID="root:root"
|
|
+OVS_USER_ID="openvswitch:openvswitch"
|