[ovs-dev] [PATCH] rhel: Use openvswitch user/group for the log directory
Markos Chandras
mchandras at suse.de
Wed May 23 14:52:04 UTC 2018
On 23/05/18 14:46, Timothy Redaelli wrote:
> Commit 94cd8383e297 ("rhel: fix log directory permissions") restored the
> old 755 permission on /var/log/openvswitch and this can result in the
> exposure of sensitive information.
>
> Since commit f624bf23b62a ("rhel: user/group openvswitch does not exist")
> moved the user/group creations in %pre phase it's now possible to change
> /var/log/openvswitch user/group to openvswitch:openvswitch and remove
> the r/x bits for other again without having the "permission denied"
> error when the logs are rotated.
>
> CC: Aaron Conole <aconole at redhat.com>
> Fixes: 94cd8383e297 ("rhel: fix log directory permissions")
> Signed-off-by: Timothy Redaelli <tredaelli at redhat.com>
> Acked-by: Aaron Conole <aconole at redhat.com>
> ---
Reviewed-by: Markos Chandras <mchandras at suse.de>
--
markos
SUSE LINUX GmbH | GF: Felix Imendörffer, Jane Smithard, Graham Norton
HRB 21284 (AG Nürnberg) Maxfeldstr. 5, D-90409, Nürnberg
More information about the dev
mailing list