[ovs-git] [openvswitch/ovs] 3f556d: rhel: Use openvswitch user/group for the log direc...
GitHub
noreply at github.com
Wed May 23 20:21:06 UTC 2018
Branch: refs/heads/master
Home: https://github.com/openvswitch/ovs
Commit: 3f556d66edb9609590d935ad74cf89bd57423ecb
https://github.com/openvswitch/ovs/commit/3f556d66edb9609590d935ad74cf89bd57423ecb
Author: Timothy Redaelli <tredaelli at redhat.com>
Date: 2018-05-23 (Wed, 23 May 2018)
Changed paths:
M rhel/openvswitch-fedora.spec.in
Log Message:
-----------
rhel: Use openvswitch user/group for the log directory
Commit 94cd8383e297 ("rhel: fix log directory permissions") restored the
old 755 permission on /var/log/openvswitch and this can result in the
exposure of sensitive information.
Since commit f624bf23b62a ("rhel: user/group openvswitch does not exist")
moved the user/group creations in %pre phase it's now possible to change
/var/log/openvswitch user/group to openvswitch:openvswitch and remove
the r/x bits for other again without having the "permission denied"
error when the logs are rotated.
CC: Aaron Conole <aconole at redhat.com>
Fixes: 94cd8383e297 ("rhel: fix log directory permissions")
Signed-off-by: Timothy Redaelli <tredaelli at redhat.com>
Acked-by: Aaron Conole <aconole at redhat.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>
Reviewed-by: Markos Chandras <mchandras at suse.de>
**NOTE:** This service been marked for deprecation: https://developer.github.com/changes/2018-04-25-github-services-deprecation/
Functionality will be removed from GitHub.com on January 31st, 2019.
More information about the git
mailing list