rpm/openvswitch
SHA256
1
0
Fork 0
forked from pool/openvswitch
Code Pull Requests Activity
00e85ebde6
openvswitch/0001-Run-openvswitch-as-openvswitch-openvswitch.patch

42 lines
1.4 KiB
Diff
Raw Normal View History

Accepting request 802898 from home:jaicaa:branches:network - Update openvswitch to 2.13.0. * For a list of changes, check https://github.com/openvswitch/ovs/blob/v2.13.0/NEWS * This version drops python2 binding support. Only python3 bindings provided going forward. * Tool ovs-vlan-bug-workaround is no longer provided. - OVN was split to its own repo but is still built together with OVS and as such from this same source package. OVN initial version is 20.03. * For a list of changes, check https://github.com/ovn-org/ovn/blob/v20.03.0/NEWS * Packages openvswitch-ovn* are renamed to ovn*. * OVN now has its own sysconfig and log paths. - Add OVS patch to be proposed upstream: * 0001-rhel-Fix-reload-of-OVS_USER_ID-on-startup.patch - Patch instead of post-processing configuration files to set running credentials (bsc#1157338): * 0001-Run-openvswitch-as-openvswitch-openvswitch.patch * 0001-Run-ovn-as-openvswitch-openvswitch.patch - Will no longer change group ownership of /dev/hugepages to 'hugetlbfs' (bsc#1140835). System admin should mount hugepages on a path and permissions of his choosing for OVS. Add patch: * 0001-dont-change-permissions-of-dev-hugepages.patch - Will no longer install udev rule to change group ownership of vfio devices to 'hugetlbfs'. Group name does not make much sense in this case and ownership of vfio devices should be coordinated system wide or per device. - Will no longer run under group 'hugetlbfs' on new installs with DPDK enabled. OVS will now run under group 'openvswitch' whether compiled with DPDK support or not. - OVS persistent state is now saved on /var/lib/openvswitch instead of /etc/openvswitch for new installs. OBS-URL: https://build.opensuse.org/request/show/802898 OBS-URL: https://build.opensuse.org/package/show/network/openvswitch?expand=0&rev=196
2020-05-20 09:45:43 +02:00
From 4de3a6e6fc67125a900913598344881c0b0bed71 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jaime=20Caama=C3=B1o=20Ruiz?= <jcaamano@suse.com>
Date: Fri, 8 May 2020 11:15:57 +0200
Subject: [PATCH] Run openvswitch as openvswitch:openvswitch
Change default run configuration to unprivilieged user openvswitch and
group openvswitch. Expect any further customization from user in
sysconfig/openvswitch, including setting it back to privileged root:root
configuration.
---
rhel/etc_logrotate.d_openvswitch | 2 +-
rhel/etc_openvswitch_default.conf | 3 +--
2 files changed, 2 insertions(+), 3 deletions(-)
diff --git a/rhel/etc_logrotate.d_openvswitch b/rhel/etc_logrotate.d_openvswitch
index f4302ffbc..eaf1fd5bf 100644
--- a/rhel/etc_logrotate.d_openvswitch
+++ b/rhel/etc_logrotate.d_openvswitch
@@ -6,7 +6,7 @@
# without warranty of any kind.
/var/log/openvswitch/*.log {
- su root root
+ su openvswitch openvswitch
daily
compress
sharedscripts
diff --git a/rhel/etc_openvswitch_default.conf b/rhel/etc_openvswitch_default.conf
index c74417db6..20d1f5f54 100644
--- a/rhel/etc_openvswitch_default.conf
+++ b/rhel/etc_openvswitch_default.conf
@@ -1,5 +1,4 @@
# DO NOT EDIT THIS FILE
# The following is the *default* configuration for the openvswitch user ID.
-# This is for backward compatibility.
-OVS_USER_ID="root:root"
+OVS_USER_ID="openvswitch:openvswitch"
--
2.16.4
Copy Permalink