diff --git a/openvswitch-ovs-pki-perm.patch b/openvswitch-ovs-pki-perm.patch new file mode 100644 index 0000000..f11f93b --- /dev/null +++ b/openvswitch-ovs-pki-perm.patch @@ -0,0 +1,12 @@ +diff -Nru openvswitch-1.7.1.orig/utilities/ovs-pki openvswitch-1.7.1/utilities/ovs-pki +--- openvswitch-1.7.1.orig/utilities/ovs-pki.in 2012-11-01 14:32:27.739264199 +0100 ++++ openvswitch-1.7.1/utilities/ovs-pki.in 2012-11-01 14:33:20.411784428 +0100 +@@ -219,7 +219,7 @@ + + mkdir -p certs crl newcerts + mkdir -p -m 0700 private +- mkdir -p -m 0733 incoming ++ mkdir -p -m 0700 incoming + touch index.txt + test -e crlnumber || echo 01 > crlnumber + test -e serial || echo 01 > serial diff --git a/openvswitch.spec b/openvswitch.spec index 7d8b811..bf1ff79 100644 --- a/openvswitch.spec +++ b/openvswitch.spec @@ -1,6 +1,6 @@ Name: openvswitch Version: 1.7.1 -Release: 4%{?dist} +Release: 5%{?dist} Summary: Open vSwitch daemon/database/utilities # Nearly all of openvswitch is ASL 2.0. The bugtool is LGPLv2+, and the @@ -20,6 +20,7 @@ Source7: openvswitch-configure-ovskmod-var.patch # make the kmod name configurable since Fedora kernel ships openvswitch module # Source7 is not applied, it's used to generate patch0 Patch0: openvswitch-configure-ovskmod-var-autoconfd.patch +Patch1: openvswitch-ovs-pki-perm.patch BuildRequires: systemd-units openssl openssl-devel BuildRequires: python python-twisted-core python-twisted-conch python-zope-interface PyQt4 @@ -83,7 +84,7 @@ causing them to function as L2 MAC-learning switches or hub. %prep %setup -q %patch0 -p1 -b .ovskmod - +%patch1 -p1 -b .openvswitch-ovs-pki-perm %build %configure --enable-ssl --with-pkidir=%{_sharedstatedir}/openvswitch/pki OVSKMOD=openvswitch @@ -204,6 +205,9 @@ desktop-file-install --dir=$RPM_BUILD_ROOT%{_datadir}/applications %{SOURCE6} %changelog +* Tue Nov 1 2012 Thomas Graf - 1.7.1-5 +- Don't create world writable pki/*/incomming directory (#845351) + * Tue Oct 25 2012 Thomas Graf - 1.7.1-4 - Don't add iptables accept rule for -p GRE as GRE tunneling is unsupported