forked from pool/openvswitch

Accepting request 744426 from home:jaicaa:branches:network

- Update openvswitch to 2.12.0. For a list of changes, check
  https://github.com/openvswitch/ovs/blob/master/NEWS 
- Removed patches that are already included upstream:
  * 0001-rhel-secure-openvswitch-useropts.patch
  * 0002-rhel-let-ctl-handle-runtime-directory.patch
- Rebased patches:
  * 0001-Use-strongswan-for-openvswitch-ipsec-service.patch

OBS-URL: https://build.opensuse.org/request/show/744426
OBS-URL: https://build.opensuse.org/package/show/network/openvswitch?expand=0&rev=192
Tomáš Chvátal 2019-10-31 12:42:47 +00:00 committed by Git OBS Bridge
parent b39f80b04b
commit 312d116c79
7 changed files with 24 additions and 106 deletions


@ -1,7 +1,7 @@
From 6aca005f17aecf003da9a85f8dd099baef771572 Mon Sep 17 00:00:00 2001 From f786cf97880bdf1ebed65db2f560ff15f1f29413 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jaime=20Caama=C3=B1o=20Ruiz?= <jcaamano@suse.com> From: =?UTF-8?q?Jaime=20Caama=C3=B1o=20Ruiz?= <jcaamano@suse.com>
Date: Fri, 26 Apr 2019 15:27:05 +0200 Date: Mon, 28 Oct 2019 15:14:19 +0100
Subject: [PATCH 1/6] Use strongswan for openvswitch-ipsec service Subject: [PATCH] Use strongswan for openvswitch-ipsec service
Since libreswan is not packaged for Leap/SLES, use strongswan for the Since libreswan is not packaged for Leap/SLES, use strongswan for the
time being. time being.
@ -10,12 +10,12 @@ time being.
1 file changed, 1 insertion(+), 1 deletion(-) 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/rhel/usr_lib_systemd_system_openvswitch-ipsec.service b/rhel/usr_lib_systemd_system_openvswitch-ipsec.service diff --git a/rhel/usr_lib_systemd_system_openvswitch-ipsec.service b/rhel/usr_lib_systemd_system_openvswitch-ipsec.service
index 6e309aa57..34e3f4c90 100644 index d8f47af68..3c4a40138 100644
--- a/rhel/usr_lib_systemd_system_openvswitch-ipsec.service --- a/rhel/usr_lib_systemd_system_openvswitch-ipsec.service
+++ b/rhel/usr_lib_systemd_system_openvswitch-ipsec.service +++ b/rhel/usr_lib_systemd_system_openvswitch-ipsec.service
@@ -6,7 +6,7 @@ After=openvswitch.service @@ -7,7 +7,7 @@ After=openvswitch.service
[Service]
Type=forking Type=forking
PIDFile=/var/run/openvswitch/ovs-monitor-ipsec.pid
ExecStart=/usr/share/openvswitch/scripts/ovs-ctl \ ExecStart=/usr/share/openvswitch/scripts/ovs-ctl \
- --ike-daemon=libreswan start-ovs-ipsec - --ike-daemon=libreswan start-ovs-ipsec
+ --ike-daemon=strongswan start-ovs-ipsec + --ike-daemon=strongswan start-ovs-ipsec
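Review bot: the rebased ExecStart line hard-codes `--ike-daemon=strongswan`, so the openvswitch-ipsec unit depends on strongSwan being installed at run time, and nothing in this diff shows the subpackage that ships the unit declaring that dependency. Confirm the spec carries a matching `Requires:` for it. Since the description calls this a "for the time being" measure, it would also help to state in the patch header that the patch is to be dropped once libreswan is packaged.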


@ -1,39 +0,0 @@
From aec69da8a2385b3d1368b484aa247876fbc2018d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jaime=20Caama=C3=B1o=20Ruiz?= <jcaamano@suse.com>
Date: Wed, 8 May 2019 13:53:47 +0200
Subject: [PATCH 1/2] rhel: secure openvswitch useropts
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
The openvswitch useropts file is being stored in a directory where the
openvswitch user has write permissions. The openvswitch user can then
manipulate the file to change the user under which switchd daemon runs.
This patch changes the file to /var/openvswitch.useropts preventing any
manipulation.
Signed-off-by: Jaime Caamaño Ruiz <jcaamano@suse.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
---
rhel/usr_lib_systemd_system_ovsdb-server.service | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/rhel/usr_lib_systemd_system_ovsdb-server.service b/rhel/usr_lib_systemd_system_ovsdb-server.service
index 70da1ec95..0f9d936b3 100644
--- a/rhel/usr_lib_systemd_system_ovsdb-server.service
+++ b/rhel/usr_lib_systemd_system_ovsdb-server.service
@@ -11,8 +11,8 @@ Restart=on-failure
EnvironmentFile=/etc/openvswitch/default.conf
EnvironmentFile=-/etc/sysconfig/openvswitch
ExecStartPre=/usr/bin/chown ${OVS_USER_ID} /var/run/openvswitch /var/log/openvswitch
-ExecStartPre=/bin/sh -c 'rm -f /run/openvswitch/useropts; if [ "$${OVS_USER_ID/:*/}" != "root" ]; then /usr/bin/echo "OVSUSER=--ovs-user=${OVS_USER_ID}" > /run/openvswitch/useropts; fi'
-EnvironmentFile=-/run/openvswitch/useropts
+ExecStartPre=/bin/sh -c 'rm -f /run/openvswitch.useropts; if [ "$${OVS_USER_ID/:*/}" != "root" ]; then /usr/bin/echo "OVSUSER=--ovs-user=${OVS_USER_ID}" > /run/openvswitch.useropts; fi'
+EnvironmentFile=-/run/openvswitch.useropts
ExecStart=/usr/share/openvswitch/scripts/ovs-ctl \
--no-ovs-vswitchd --no-monitor --system-id=random \
${OVSUSER} \
--
2.16.4
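Review bot: removing this patch drops a privilege-separation fix, so "already included upstream" needs checking against the unpacked 2.12.0 tree. rhel/usr_lib_systemd_system_ovsdb-server.service must write and read `/run/openvswitch.useropts`, not `/run/openvswitch/useropts`: the latter sits in a directory that the preceding ExecStartPre chowns to `${OVS_USER_ID}`, which is what lets that user rewrite OVSUSER. A grep for `EnvironmentFile=-/run/openvswitch.useropts` in %prep or %check would make a regression fail the build. Separately, the patch description names /var/openvswitch.useropts while both changed lines use /run/openvswitch.useropts.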


@ -1,48 +0,0 @@
From eb48aba90b582df6dd7d2798a34ac31f7ed68282 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jaime=20Caama=C3=B1o=20Ruiz?= <jcaamano@suse.com>
Date: Mon, 10 Jun 2019 14:58:10 +0200
Subject: [PATCH] rhel: let *-ctl handle runtime directory
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Recent versions of systemd restores RuntimeDirectory ownership to the
unit's User in between execution of *Exec directives (see [1]). Using
ExecStartPre to reset RuntimeDirectory ownership to OVS_USER no longer
works as expected.
The ctl scripts already handle creation of the runtime directory with
correct ownership and permissions so we can basically remove
RuntimeDirectory from systemd unit file. There is still need to handle
ownsership to cover some upgrade scenarios, but success of that will be
optional as the directory itself wont exist at first time run.
[1] https://github.com/systemd/systemd/issues/12713
Signed-off-by: Jaime Caamaño Ruiz <jcaamano@suse.com>
---
rhel/usr_lib_systemd_system_ovsdb-server.service | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/rhel/usr_lib_systemd_system_ovsdb-server.service b/rhel/usr_lib_systemd_system_ovsdb-server.service
index 0f9d936b3..22c704561 100644
--- a/rhel/usr_lib_systemd_system_ovsdb-server.service
+++ b/rhel/usr_lib_systemd_system_ovsdb-server.service
@@ -10,7 +10,7 @@ Type=forking
Restart=on-failure
EnvironmentFile=/etc/openvswitch/default.conf
EnvironmentFile=-/etc/sysconfig/openvswitch
-ExecStartPre=/usr/bin/chown ${OVS_USER_ID} /var/run/openvswitch /var/log/openvswitch
+ExecStartPre=-/usr/bin/chown ${OVS_USER_ID} /var/run/openvswitch /var/log/openvswitch
ExecStartPre=/bin/sh -c 'rm -f /run/openvswitch.useropts; if [ "$${OVS_USER_ID/:*/}" != "root" ]; then /usr/bin/echo "OVSUSER=--ovs-user=${OVS_USER_ID}" > /run/openvswitch.useropts; fi'
EnvironmentFile=-/run/openvswitch.useropts
ExecStart=/usr/share/openvswitch/scripts/ovs-ctl \
@@ -21,5 +21,3 @@ ExecStop=/usr/share/openvswitch/scripts/ovs-ctl --no-ovs-vswitchd stop
ExecReload=/usr/share/openvswitch/scripts/ovs-ctl --no-ovs-vswitchd \
${OVSUSER} \
--no-monitor restart $OPTIONS
-RuntimeDirectory=openvswitch
-RuntimeDirectoryMode=0755
--
2.16.4
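Review bot: the `-` prefix added to the chown ExecStartPre ignores failure for both arguments, so a failed ownership change on /var/log/openvswitch is now silent as well, while the description only justifies tolerating a runtime directory that does not exist yet. With this patch dropped in favour of the upstream copy, check that log directory ownership is still established elsewhere (package %files or the ctl scripts). Also check that the 2.12.0 unit no longer carries `RuntimeDirectory=openvswitch`, since the description says systemd would otherwise restore that directory's ownership between Exec directives.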


@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:c1296ae44a7b176150915e33bc497cc0a7a02caeba84ea43ce9b6a2509d9b5dc
size 7682693


@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:13fd42703180b4b1146c7e97926d09225485868cc2fbbd58dc0c421b4b8fe8f8
size 8162771
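Review bot: the new source tarball is pinned only by the LFS `oid sha256` line, and nothing in this commit records what that digest was checked against. Compare it with the digest of the openvswitch-2.12.0 tarball as published by upstream before accepting. If upstream provides a detached signature, add it and the keyring as Source entries so the build verifies provenance instead of trusting the upload.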


@ -1,3 +1,14 @@
-------------------------------------------------------------------
Mon Oct 28 14:56:34 UTC 2019 - Jaime Caamaño Ruiz <jcaamano@suse.com>
- Update openvswitch to 2.12.0. For a list of changes, check
https://github.com/openvswitch/ovs/blob/master/NEWS
- Removed patches that are already included upstream:
* 0001-rhel-secure-openvswitch-useropts.patch
* 0002-rhel-let-ctl-handle-runtime-directory.patch
- Rebased patches:
* 0001-Use-strongswan-for-openvswitch-ipsec-service.patch
------------------------------------------------------------------- -------------------------------------------------------------------
Thu Aug 8 11:55:36 UTC 2019 - <jcaamano@suse.com> Thu Aug 8 11:55:36 UTC 2019 - <jcaamano@suse.com>
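Review bot: the NEWS link in the new entry points at the `master` branch, which keeps changing after 2.12.0; link the NEWS file at the release tag or release branch so the entry stays accurate. The removed patches are listed without noting that 0001-rhel-secure-openvswitch-useropts.patch was a security hardening; a short mention would help anyone auditing when that fix entered the package through upstream.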


@ -22,7 +22,7 @@
%if ! %{defined _fillupdir} %if ! %{defined _fillupdir}
%define _fillupdir %{_localstatedir}/adm/fillup-templates %define _fillupdir %{_localstatedir}/adm/fillup-templates
%endif %endif
%define lname libopenvswitch-2_11-0 %define lname libopenvswitch-2_12-0
%ifarch aarch64 x86_64 %ifarch aarch64 x86_64
%if 0%{?suse_version} %if 0%{?suse_version}
# DPDK enabled only SUSE/openSUSE # DPDK enabled only SUSE/openSUSE
@ -41,7 +41,7 @@
# Disable building the external kernel datapath by default # Disable building the external kernel datapath by default
%bcond_with kmp %bcond_with kmp
Name: openvswitch Name: openvswitch
Version: 2.11.1 Version: 2.12.0
Release: 0 Release: 0
Summary: A multilayer virtual network switch Summary: A multilayer virtual network switch
# All code is Apache-2.0 except # All code is Apache-2.0 except
@ -55,10 +55,6 @@ Source1: preamble
Source89: Module.supported.updates Source89: Module.supported.updates
# PATCH-FIX-OPENSUSE: Use-strongswan-for-openvswitch-ipsec-service.patch # PATCH-FIX-OPENSUSE: Use-strongswan-for-openvswitch-ipsec-service.patch
Patch0: 0001-Use-strongswan-for-openvswitch-ipsec-service.patch Patch0: 0001-Use-strongswan-for-openvswitch-ipsec-service.patch
# PATCH-FIX-UPSTREAM: 0001-rhel-secure-openvswitch-useropts.patch
Patch1: 0001-rhel-secure-openvswitch-useropts.patch
# PATCH-FIX-UPSTREAM: 0002-rhel-let-ctl-handle-runtime-directory.patch
Patch2: 0002-rhel-let-ctl-handle-runtime-directory.patch
BuildRequires: autoconf BuildRequires: autoconf
BuildRequires: automake BuildRequires: automake
BuildRequires: graphviz BuildRequires: graphviz
@ -118,9 +114,9 @@ Suggests: openvswitch-kmp
%if %{with dpdk} %if %{with dpdk}
# We need to be a bit strict with the dpdk version since # We need to be a bit strict with the dpdk version since
# it's very possible for DPDK to change it's API between # it's very possible for DPDK to change it's API between
# releases. This version currently requires 18.11. # releases. This version currently requires 18.11.2.
BuildRequires: dpdk-devel < 18.12 BuildRequires: dpdk-devel < 18.12
BuildRequires: dpdk-devel >= 18.11 BuildRequires: dpdk-devel >= 18.11.2
BuildRequires: libmnl-devel BuildRequires: libmnl-devel
BuildRequires: libnuma-devel BuildRequires: libnuma-devel
BuildRequires: libpcap-devel BuildRequires: libpcap-devel
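Review bot: the lower bound moves to `dpdk-devel >= 18.11.2`, but that only constrains the build environment. If the resulting binaries need 18.11.2 at run time, the corresponding runtime requirement should be raised too (not visible in this hunk). The touched comment also reads "it's API", which should be "its API".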
@ -343,8 +339,6 @@ performance and connectivity issues in Open vSwitch setup.
%prep %prep
%setup -q -n openvswitch-%{version} %setup -q -n openvswitch-%{version}
%patch0 -p1 %patch0 -p1
%patch1 -p1
%patch2 -p1
%build %build
set -- * .travis* .mailmap .cirrus.yml set -- * .travis* .mailmap .cirrus.yml
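Review bot: the `%patch1` and `%patch2` lines in %prep have to be deleted by hand in step with the Patch1/Patch2 tags removed earlier in the spec, which is a second place to keep in sync on every patch change. With one patch left, `%autosetup -p1 -n openvswitch-%{version}` would apply every declared Patch tag and remove that duplication.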