redhat: allow arbitrary user:group

Under rpm based distributions, the only user:group that the rhel daemons run as is 'root:root'. This is fine as a default, but as part of a security procedure, users may want to run as an alternate uid/gid. This commit adds an OVS_USER_ID environment variable for systemd, which defaults to root:root, but can be overridden by changing the /etc/sysconfig/openvswitch environment file. Acked-by: Markos Chandras <mchandras@suse.de> Signed-off-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Russell Bryant <russell@ovn.org>
author: aaron conole <aconole@redhat.com> 2017-08-04 13:00:53 -0400
committer: Russell Bryant <russell@ovn.org> 2017-08-08 13:23:51 -0400
commit: 92d53574d5039e1173347754090cf64ccf2af57c (patch)
tree: 024380227f1f9a204de8e6e638790e9666ba64f2 /rhel/usr_share_openvswitch_scripts_systemd_sysconfig.template
parent: 6b1babacc3ca0488e07596bf822fe356c9bab646 (diff)
download: openvswitch-92d53574d5039e1173347754090cf64ccf2af57c.tar.gz
1 files changed, 3 insertions, 0 deletions
diff --git a/rhel/usr_share_openvswitch_scripts_systemd_sysconfig.template b/rhel/usr_share_openvswitch_scripts_systemd_sysconfig.template
index 3050a0703..fdaee00d5 100644
--- a/rhel/usr_share_openvswitch_scripts_systemd_sysconfig.template
+++ b/rhel/usr_share_openvswitch_scripts_systemd_sysconfig.template
@@ -21,3 +21,6 @@
 #   --ovsdb-server-wrapper=valgrind
 #
 OPTIONS=""
+
+# Uncomment and set the OVS User/Group value
+#OVS_USER_ID="openvswitch:openvswitch"
author	aaron conole <aconole@redhat.com>	2017-08-04 13:00:53 -0400
committer	Russell Bryant <russell@ovn.org>	2017-08-08 13:23:51 -0400
commit	92d53574d5039e1173347754090cf64ccf2af57c (patch)
tree	024380227f1f9a204de8e6e638790e9666ba64f2 /rhel/usr_share_openvswitch_scripts_systemd_sysconfig.template
parent	6b1babacc3ca0488e07596bf822fe356c9bab646 (diff)
download	openvswitch-92d53574d5039e1173347754090cf64ccf2af57c.tar.gz