Clemens Famulla-Conrad
30dfafc4b3
https://github.com/openvswitch/ovs/blob/v3.3.2/NEWS - Update OVN to 24.03.5. For a list of changes, check https://github.com/ovn-org/ovn/blob/v24.03.5/NEWS - This update fix CVE-2025-0650 ovn: egress ACLs may be bypassed via specially crafted UDP packet (bsc#1236353) OBS-URL: https://build.opensuse.org/package/show/network/openvswitch?expand=0&rev=267
36 lines
1.2 KiB
Diff
36 lines
1.2 KiB
Diff
From 4de3a6e6fc67125a900913598344881c0b0bed71 Mon Sep 17 00:00:00 2001
|
|
From: =?UTF-8?q?Jaime=20Caama=C3=B1o=20Ruiz?= <jcaamano@suse.com>
|
|
Date: Fri, 8 May 2020 11:15:57 +0200
|
|
Subject: [PATCH] Run openvswitch as openvswitch:openvswitch
|
|
|
|
Change default run configuration to unprivilieged user openvswitch and
|
|
group openvswitch. Expect any further customization from user in
|
|
sysconfig/openvswitch, including setting it back to privileged root:root
|
|
configuration.
|
|
|
|
Updated 2023-02-26 for version 3.1.0
|
|
|
|
diff --git a/rhel/etc_logrotate.d_openvswitch b/rhel/etc_logrotate.d_openvswitch
|
|
index c0f476744..fa6303873 100644
|
|
--- a/rhel/etc_logrotate.d_openvswitch
|
|
+++ b/rhel/etc_logrotate.d_openvswitch
|
|
@@ -6,7 +6,7 @@
|
|
# without warranty of any kind.
|
|
|
|
/var/log/openvswitch/*.log {
|
|
- su root root
|
|
+ su openvswitch openvswitch
|
|
daily
|
|
compress
|
|
sharedscripts
|
|
diff --git a/rhel/etc_openvswitch_default.conf b/rhel/etc_openvswitch_default.conf
|
|
index c74417db6..569ca95de 100644
|
|
--- a/rhel/etc_openvswitch_default.conf
|
|
+++ b/rhel/etc_openvswitch_default.conf
|
|
@@ -2,4 +2,4 @@
|
|
|
|
# The following is the *default* configuration for the openvswitch user ID.
|
|
# This is for backward compatibility.
|
|
-OVS_USER_ID="root:root"
|
|
+OVS_USER_ID="openvswitch:openvswitch"
|