[ovs-git] [openvswitch/ovs] ea8519: ovn-controller-vtep: Fix wrong value for ovnsb-db ...

Jaime Caamaño Ruiz noreply at github.com
Mon Jun 10 00:26:45 UTC 2019 

  Branch: refs/heads/master
  Home:   https://github.com/openvswitch/ovs
  Commit: ea8519fcc764532ab7dfa3a86d683365eff6451d
      https://github.com/openvswitch/ovs/commit/ea8519fcc764532ab7dfa3a86d683365eff6451d
  Author: Jaime Caamaño Ruiz <jcaamano at suse.com>
  Date:   2019-06-09 (Sun, 09 Jun 2019)

  Changed paths:
    M ovn/controller-vtep/ovn-controller-vtep.c
    M rhel/usr_lib_systemd_system_ovn-controller-vtep.service

  Log Message:
  -----------
  ovn-controller-vtep: Fix wrong value for ovnsb-db argument

Fix help output of ovn-controller-vtep that was suggesting the
openvswitch database instead of the ovn southbound database for the
ovnsb-db argument.

Also fix the corresponding systemd unit that was passing the openvswitch
database instead of the ovn southbound database for the ovnsb-db
argument.

Signed-off-by: Jaime Caamaño Ruiz <jcaamano at suse.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>


  Commit: dd9b0ed538997b0723addf91522ebc13adab556a
      https://github.com/openvswitch/ovs/commit/dd9b0ed538997b0723addf91522ebc13adab556a
  Author: Jaime Caamaño Ruiz <jcaamano at suse.com>
  Date:   2019-06-09 (Sun, 09 Jun 2019)

  Changed paths:
    M ovn/utilities/ovn-ctl
    M rhel/usr_lib_systemd_system_ovn-controller-vtep.service

  Log Message:
  -----------
  rhel: start ovn-controller-vtep with ovn-ctl

Use ovn-ctl to start ovn-controller-vtep from the corresponding systemd
unit file.

Signed-off-by: Jaime Caamaño Ruiz <jcaamano at suse.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>


  Commit: 27e25e18c1f4cdd789d5670ab9e01dcf02a86b6f
      https://github.com/openvswitch/ovs/commit/27e25e18c1f4cdd789d5670ab9e01dcf02a86b6f
  Author: Jaime Caamaño Ruiz <jcaamano at suse.com>
  Date:   2019-06-09 (Sun, 09 Jun 2019)

  Changed paths:
    M rhel/usr_lib_systemd_system_ovs-vswitchd.service.in
    M rhel/usr_lib_systemd_system_ovsdb-server.service

  Log Message:
  -----------
  rhel: secure openvswitch useropts

The openvswitch useropts file is being stored in a directory where the
openvswitch user has write permissions. The openvswitch user can then
manipulate the file to change the user under which switchd daemon runs.

This patch changes the file to /var/openvswitch.useropts preventing any
manipulation.

Signed-off-by: Jaime Caamaño Ruiz <jcaamano at suse.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>


  Commit: 94e1e8be3187a4824ac27ed843396dde5cc02d13
      https://github.com/openvswitch/ovs/commit/94e1e8be3187a4824ac27ed843396dde5cc02d13
  Author: Jaime Caamaño Ruiz <jcaamano at suse.com>
  Date:   2019-06-09 (Sun, 09 Jun 2019)

  Changed paths:
    M rhel/usr_lib_systemd_system_ovn-controller-vtep.service
    M rhel/usr_lib_systemd_system_ovn-controller.service
    M rhel/usr_lib_systemd_system_ovn-northd.service
    M rhel/usr_lib_systemd_system_ovs-vswitchd.service.in
    M rhel/usr_lib_systemd_system_ovsdb-server.service

  Log Message:
  -----------
  rhel: run ovn with the same user as ovs

Both ovn and ovs share the same log and run directories which are owned
by the user running ovs so it makes sense that ovn runs under that user
too to diminish security concerns and possible problems with log rotation.

Signed-off-by: Jaime Caamaño Ruiz <jcaamano at suse.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>


Compare: https://github.com/openvswitch/ovs/compare/6f6d19db05ca...94e1e8be3187

More information about the git mailing list