Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package openvswitch for openSUSE:Factory checked in at 2023-04-14 13:12:27 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/openvswitch (Old) and /work/SRC/openSUSE:Factory/.openvswitch.new.19717 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "openvswitch" Fri Apr 14 13:12:27 2023 rev:66 rq:1079120 version:unknown Changes: -------- --- /work/SRC/openSUSE:Factory/openvswitch/openvswitch.changes 2022-10-10 18:43:18.754707229 +0200 +++ /work/SRC/openSUSE:Factory/.openvswitch.new.19717/openvswitch.changes 2023-04-14 13:12:35.371396203 +0200 @@ -1,0 +2,67 @@ +Wed Apr 5 21:14:59 UTC 2023 - Duraisankar P <duraisankar.pitchum...@suse.com> + +- Update OVS version to v3.1.0 and OVN version to v23.03.0 + Some of the features are, + - ovs-vswitchd now detects changes in CPU affinity and adjusts the number + of handler and revalidator threads if necessary. + - AF_XDP: + * Added support for building with libxdp and libbpf >= 0.7. + * Support for AF_XDP is now enabled by default if all dependencies are + available at the build time. Use --disable-afxdp to disable. + Use --enable-afxdp to fail the build if dependencies are not present. + - ovs-appctl: + * "ovs-appctl ofproto/trace" command can now display port names with the + "--names" option. + - OVSDB-IDL: + * Add the support to specify the persistent uuid for row insert in both + C and Python IDLs. + - Windows: + * Conntrack IPv6 fragment support. + - DPDK: + * Add support for DPDK 22.11.1. + - For the QoS max-rate and STP/RSTP path-cost configuration OVS now assumes + 10 Gbps link speed by default in case the actual link speed cannot be + determined. Previously it was 10 Mbps. Values can still be overridden + by specifying 'max-rate' or '[r]stp-path-cost' accordingly. + - OpenFlow: + * New OpenFlow extension NXT_CT_FLUSH to flush connections matching + the specified fields. + - ovs-ctl: + * New option '--dump-hugepages' to include hugepages in core dumps. This + can assist with postmortem analysis involving DPDK, but may also produce + significantly larger core dump files. + - ovs-dpctl and 'ovs-appctl dpctl/' commands: + * 'flush-conntrack' is now capable of handling partial 5-tuple, + with additional optional parameter to specify the reply direction. + - ovs-ofctl: + * New command 'flush-conntrack' that accepts zone and 5-tuple (or partial + 5-tuple) for both directions. + - Support for travis-ci.org based continuous integration builds has been + dropped. + - Userspace datapath: + * Add '-secs' argument to appctl 'dpif-netdev/pmd-rxq-show' to show + the pmd usage of an Rx queue over a configurable time period. + * Add new experimental PMD load based sleeping feature. PMD threads can + request to sleep up to a user configured 'pmd-maxsleep' value under + low load conditions. + -For more details, check + https://github.com/openvswitch/ovs/blob/v3.1.0/NEWS + -Includes secrity fix for CVE-2022-4338 (bsc#1206580) and CVE-2022-4337 (bsc#1206581) + - Removed patches, + * 0001-Replace-deprecated-var-run-with-run.patch + * 0001-openvswitch-merge-compiler.h-files-into-one-file.patch + * openvswitch-CVE-2021-36980.patch + * 0002-build-Seperated-common-used-headers.patch + * a77ad9693c8b49055389559187fe74eddb619746.patch + * 0001-m4-Test-avx512-for-x86-only.patch + * openvswitch-2.17.2-Fix-tests-with-GNU-grep-3.8.patch + - Renamed and rebased patches, + * 0001-Don-t-change-permissions-of-dev-hugepages.patch + * 0001-Use-double-hash-for-OVS_USER_ID-comment.patch + * 0001-Run-ovn-as-openvswitch-openvswitch.patch + * 0001-Use-strongswan-for-openvswitch-ipsec-service.patch + * 0001-Run-openvswitch-as-openvswitch-openvswitch.patch + - Added ovsb tool install patch, + * install-ovsdb-tools.patch + +------------------------------------------------------------------- Old: ---- 0001-m4-Test-avx512-for-x86-only.patch 0001-openvswitch-merge-compiler.h-files-into-one-file.patch 0002-build-Seperated-common-used-headers.patch Don-t-change-permissions-of-dev-hugepages.patch Run-openvswitch-as-openvswitch-openvswitch.patch Use-double-hash-for-OVS_USER_ID-comment.patch Use-strongswan-for-openvswitch-ipsec-service.patch a77ad9693c8b49055389559187fe74eddb619746.patch openvswitch-2.17.2-Fix-tests-with-GNU-grep-3.8.patch openvswitch-2.17.2.tar.gz New: ---- 0001-Don-t-change-permissions-of-dev-hugepages.patch 0001-Run-openvswitch-as-openvswitch-openvswitch.patch 0001-Run-ovn-as-openvswitch-openvswitch.patch 0001-Use-double-hash-for-OVS_USER_ID-comment.patch 0001-Use-strongswan-for-openvswitch-ipsec-service.patch openvswitch-3.1.0.tar.gz ovn-23.03.0.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ openvswitch.spec ++++++ ++++ 1200 lines (skipped) ++++ between /work/SRC/openSUSE:Factory/openvswitch/openvswitch.spec ++++ and /work/SRC/openSUSE:Factory/.openvswitch.new.19717/openvswitch.spec ++++++ 0001-Don-t-change-permissions-of-dev-hugepages.patch ++++++ >From e54cce931bafa12176989a5d59e3839f1bcfdf0c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaime=20Caama=C3=B1o=20Ruiz?= <jcaam...@suse.com> Date: Wed, 6 May 2020 16:32:28 +0200 Subject: [PATCH 1/2] Don't change permissions of /dev/hugepages For SLES/openSUSE, don't change permissions of /dev/hugepages as that is a system path. Sysadmin shoudl mount hugepages on a path and permission of his choosing if OVS either manually or via hugeadm. Updated 2023-02-26 for version 3.1.0 diff --git a/rhel/usr_lib_systemd_system_ovs-vswitchd.service.in b/rhel/usr_lib_systemd_system_ovs-vswitchd.service.in index 6d021618b..71c49dc59 100644 --- a/rhel/usr_lib_systemd_system_ovs-vswitchd.service.in +++ b/rhel/usr_lib_systemd_system_ovs-vswitchd.service.in @@ -16,10 +16,6 @@ EnvironmentFile=/etc/openvswitch/default.conf EnvironmentFile=-/etc/sysconfig/openvswitch EnvironmentFile=-/run/openvswitch.useropts LimitSTACK=2M -@begin_dpdk@ -ExecStartPre=-/bin/sh -c '/usr/bin/chown :$${OVS_USER_ID##*:} /dev/hugepages' -ExecStartPre=-/usr/bin/chmod 0775 /dev/hugepages -@end_dpdk@ ExecStart=/usr/share/openvswitch/scripts/ovs-ctl \ --no-ovsdb-server --no-monitor --system-id=random \ ${OVS_USER_OPT} \ ++++++ 0001-Run-openvswitch-as-openvswitch-openvswitch.patch ++++++ >From 4de3a6e6fc67125a900913598344881c0b0bed71 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaime=20Caama=C3=B1o=20Ruiz?= <jcaam...@suse.com> Date: Fri, 8 May 2020 11:15:57 +0200 Subject: [PATCH] Run openvswitch as openvswitch:openvswitch Change default run configuration to unprivilieged user openvswitch and group openvswitch. Expect any further customization from user in sysconfig/openvswitch, including setting it back to privileged root:root configuration. Updated 2023-02-26 for version 3.1.0 diff --git a/rhel/etc_logrotate.d_openvswitch b/rhel/etc_logrotate.d_openvswitch index c0f476744..fa6303873 100644 --- a/rhel/etc_logrotate.d_openvswitch +++ b/rhel/etc_logrotate.d_openvswitch @@ -6,7 +6,7 @@ # without warranty of any kind. /var/log/openvswitch/*.log { - su root root + su openvswitch openvswitch daily compress sharedscripts diff --git a/rhel/etc_openvswitch_default.conf b/rhel/etc_openvswitch_default.conf index c74417db6..569ca95de 100644 --- a/rhel/etc_openvswitch_default.conf +++ b/rhel/etc_openvswitch_default.conf @@ -2,4 +2,4 @@ # The following is the *default* configuration for the openvswitch user ID. # This is for backward compatibility. -OVS_USER_ID="root:root" +OVS_USER_ID="openvswitch:openvswitch" ++++++ 0001-Run-ovn-as-openvswitch-openvswitch.patch ++++++ diff --git a/rhel/etc_logrotate.d_ovn b/rhel/etc_logrotate.d_ovn index a351ec303..4b26333fc 100644 --- a/rhel/etc_logrotate.d_ovn +++ b/rhel/etc_logrotate.d_ovn @@ -6,7 +6,7 @@ # without warranty of any kind. /var/log/ovn/*.log { - su root root + su openvswitch openvswitch daily compress sharedscripts diff --git a/rhel/usr_lib_systemd_system_ovn-controller-vtep.service b/rhel/usr_lib_systemd_system_ovn-controller-vtep.service index c6601cb46..48f6e3992 100644 --- a/rhel/usr_lib_systemd_system_ovn-controller-vtep.service +++ b/rhel/usr_lib_systemd_system_ovn-controller-vtep.service @@ -35,6 +35,7 @@ After=openvswitch.service [Service] Type=simple Restart=on-failure +Environment=OVN_USER_ID=openvswitch:openvswitch Environment=OVS_RUNDIR=%t/openvswitch Environment=OVN_RUNDIR=%t/ovn Environment=OVN_DB=unix:%t/ovn/ovnsb_db.sock diff --git a/rhel/usr_lib_systemd_system_ovn-controller.service b/rhel/usr_lib_systemd_system_ovn-controller.service index 15d0ac853..c602760f1 100644 --- a/rhel/usr_lib_systemd_system_ovn-controller.service +++ b/rhel/usr_lib_systemd_system_ovn-controller.service @@ -23,6 +23,7 @@ After=openvswitch.service Type=forking PIDFile=/var/run/ovn/ovn-controller.pid Restart=on-failure +Environment=OVN_USER_ID=openvswitch:openvswitch Environment=OVN_RUNDIR=%t/ovn OVS_RUNDIR=%t/openvswitch EnvironmentFile=-/etc/sysconfig/ovn EnvironmentFile=-/etc/sysconfig/ovn-controller diff --git a/rhel/usr_lib_systemd_system_ovn-northd.service b/rhel/usr_lib_systemd_system_ovn-northd.service index 6c4c6621c..d74196a49 100644 --- a/rhel/usr_lib_systemd_system_ovn-northd.service +++ b/rhel/usr_lib_systemd_system_ovn-northd.service @@ -20,6 +20,7 @@ After=syslog.target [Service] Type=oneshot RemainAfterExit=yes +Environment=OVN_USER_ID=openvswitch:openvswitch Environment=OVN_RUNDIR=%t/ovn OVN_DBDIR=/var/lib/ovn EnvironmentFile=-/etc/sysconfig/ovn EnvironmentFile=-/etc/sysconfig/ovn-northd ++++++ 0001-Use-double-hash-for-OVS_USER_ID-comment.patch ++++++ >From e007ba2d276530db6aa8a242b069f356395cd8e5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaime=20Caama=C3=B1o=20Ruiz?= <jcaam...@suse.com> Date: Mon, 15 Jun 2020 15:15:53 +0200 Subject: [PATCH] Use double hash for OVS_USER_ID comment Updated 2023-02-26 for version 3.1.0 diff --git a/rhel/usr_share_openvswitch_scripts_systemd_sysconfig.template b/rhel/usr_share_openvswitch_scripts_systemd_sysconfig.template index c467d02db..58c0e4797 100644 --- a/rhel/usr_share_openvswitch_scripts_systemd_sysconfig.template +++ b/rhel/usr_share_openvswitch_scripts_systemd_sysconfig.template @@ -28,4 +28,4 @@ OPTIONS="" # Uncomment and set the OVS User/Group value -#OVS_USER_ID="openvswitch:openvswitch" +##OVS_USER_ID="openvswitch:openvswitch" ++++++ 0001-Use-strongswan-for-openvswitch-ipsec-service.patch ++++++ >From f786cf97880bdf1ebed65db2f560ff15f1f29413 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaime=20Caama=C3=B1o=20Ruiz?= <jcaam...@suse.com> Date: Mon, 28 Oct 2019 15:14:19 +0100 Subject: [PATCH] Use strongswan for openvswitch-ipsec service Since libreswan is not packaged for Leap/SLES, use strongswan for the time being. Updated 2023-02-26 for version 3.1.0 diff --git a/rhel/usr_lib_systemd_system_openvswitch-ipsec.service b/rhel/usr_lib_systemd_system_openvswitch-ipsec.service index 92dad44f9..ec86874cb 100644 --- a/rhel/usr_lib_systemd_system_openvswitch-ipsec.service +++ b/rhel/usr_lib_systemd_system_openvswitch-ipsec.service @@ -7,7 +7,7 @@ After=openvswitch.service Type=forking PIDFile=/run/openvswitch/ovs-monitor-ipsec.pid ExecStart=/usr/share/openvswitch/scripts/ovs-ctl \ - --ike-daemon=libreswan start-ovs-ipsec + --ike-daemon=strongswan start-ovs-ipsec ExecStop=/usr/share/openvswitch/scripts/ovs-ctl stop-ovs-ipsec [Install] ++++++ install-ovsdb-tools.patch ++++++ --- /var/tmp/diff_new_pack.WdbgGS/_old 2023-04-14 13:12:36.175400802 +0200 +++ /var/tmp/diff_new_pack.WdbgGS/_new 2023-04-14 13:12:36.179400824 +0200 @@ -1,7 +1,8 @@ -diff -Nur openvswitch-2.17.0/ovsdb/automake.mk new/ovsdb/automake.mk ---- openvswitch-2.17.0/ovsdb/automake.mk 2022-02-17 23:15:55.240680736 +0100 -+++ new/ovsdb/automake.mk 2022-02-27 20:21:59.358719903 +0100 -@@ -88,8 +88,9 @@ +diff --git a/ovsdb/automake.mk b/ovsdb/automake.mk +index eba713bb6..f1c40d019 100644 +--- a/ovsdb/automake.mk ++++ b/ovsdb/automake.mk +@@ -88,8 +88,9 @@ CLEANFILES += ovsdb/ovsdb-server.1 MAN_ROOTS += ovsdb/ovsdb-server.1.in # ovsdb-idlc @@ -12,7 +13,7 @@ MAN_ROOTS += ovsdb/ovsdb-idlc.1 CLEANFILES += ovsdb/ovsdb-idlc SUFFIXES += .ovsidl .ovsschema -@@ -112,14 +113,18 @@ +@@ -112,14 +113,18 @@ CLEANFILES += $(OVSIDL_BUILT) # at least for now. $(OVSIDL_BUILT): ovsdb/ovsdb-idlc.in python/ovs/dirs.py ++++++ openvswitch-2.17.2.tar.gz -> openvswitch-3.1.0.tar.gz ++++++ /work/SRC/openSUSE:Factory/openvswitch/openvswitch-2.17.2.tar.gz /work/SRC/openSUSE:Factory/.openvswitch.new.19717/openvswitch-3.1.0.tar.gz differ: char 5, line 1
