| Message ID | 1444095524-11357-1-git-send-email-azhou@nicira.com |
|---|---|
| State | Superseded |
| Headers | show |
On Mon, Oct 5, 2015 at 6:38 PM, Andy Zhou <azhou@nicira.com> wrote: > libcap-ng is going to be required to build Debian packages. Daemons > will run as the ovs user and group, instead of root, to improve > security. > > Signed-off-by: Andy Zhou <azhou@nicira.com> I would also update ./debian/control file corresponding sections. Basically it would allow "apt-get build-dep" command to work properly. > --- > debian/control | 1 + > debian/rules | 2 +- > 2 files changed, 2 insertions(+), 1 deletion(-) > > diff --git a/debian/control b/debian/control > index 49d6f5f..3eac644 100644 > --- a/debian/control > +++ b/debian/control > @@ -9,6 +9,7 @@ Build-Depends: graphviz, > bzip2, > debhelper (>= 8), > dh-autoreconf, > + libcap-ng-dev, > libssl-dev, > libtool, > openssl, > diff --git a/debian/rules b/debian/rules > index d8e90c7..91621d3 100755 > --- a/debian/rules > +++ b/debian/rules > @@ -30,7 +30,7 @@ override_dh_autoreconf: > dh_autoreconf $(DH_AS_NEEDED) > > override_dh_auto_configure: > - dh_auto_configure -- --enable-ssl $(DATAPATH_CONFIGURE_OPTS) > + dh_auto_configure -- --enable-ssl --enable-libcapng=yes $(DATAPATH_CONFIGURE_OPTS) > > override_dh_auto_test: > ifeq (,$(filter nocheck,$(DEB_BUILD_OPTIONS))) > -- > 1.9.1 > > _______________________________________________ > dev mailing list > dev@openvswitch.org > http://openvswitch.org/mailman/listinfo/dev
On Tue, Oct 6, 2015 at 10:32 AM, Ansis Atteka <aatteka@nicira.com> wrote: > On Mon, Oct 5, 2015 at 6:38 PM, Andy Zhou <azhou@nicira.com> wrote: >> libcap-ng is going to be required to build Debian packages. Daemons >> will run as the ovs user and group, instead of root, to improve >> security. >> >> Signed-off-by: Andy Zhou <azhou@nicira.com> > > I would also update ./debian/control file corresponding sections. > Basically it would allow "apt-get build-dep" command to work properly. Disregard, this comment because I overlooked your patch. Acked-by: Ansis Atteka <aatteka@nicira.com> > > > > >> --- >> debian/control | 1 + >> debian/rules | 2 +- >> 2 files changed, 2 insertions(+), 1 deletion(-) >> >> diff --git a/debian/control b/debian/control >> index 49d6f5f..3eac644 100644 >> --- a/debian/control >> +++ b/debian/control >> @@ -9,6 +9,7 @@ Build-Depends: graphviz, >> bzip2, >> debhelper (>= 8), >> dh-autoreconf, >> + libcap-ng-dev, >> libssl-dev, >> libtool, >> openssl, >> diff --git a/debian/rules b/debian/rules >> index d8e90c7..91621d3 100755 >> --- a/debian/rules >> +++ b/debian/rules >> @@ -30,7 +30,7 @@ override_dh_autoreconf: >> dh_autoreconf $(DH_AS_NEEDED) >> >> override_dh_auto_configure: >> - dh_auto_configure -- --enable-ssl $(DATAPATH_CONFIGURE_OPTS) >> + dh_auto_configure -- --enable-ssl --enable-libcapng=yes $(DATAPATH_CONFIGURE_OPTS) >> >> override_dh_auto_test: >> ifeq (,$(filter nocheck,$(DEB_BUILD_OPTIONS))) >> -- >> 1.9.1 >> >> _______________________________________________ >> dev mailing list >> dev@openvswitch.org >> http://openvswitch.org/mailman/listinfo/dev
On Tue, Oct 6, 2015 at 11:37 AM, Ansis Atteka <aatteka@nicira.com> wrote: > On Tue, Oct 6, 2015 at 10:32 AM, Ansis Atteka <aatteka@nicira.com> wrote: >> On Mon, Oct 5, 2015 at 6:38 PM, Andy Zhou <azhou@nicira.com> wrote: >>> libcap-ng is going to be required to build Debian packages. Daemons >>> will run as the ovs user and group, instead of root, to improve >>> security. >>> >>> Signed-off-by: Andy Zhou <azhou@nicira.com> >> >> I would also update ./debian/control file corresponding sections. >> Basically it would allow "apt-get build-dep" command to work properly. > Disregard, this comment because I overlooked your patch. > > Acked-by: Ansis Atteka <aatteka@nicira.com> Thanks Ansis for the review. I will wait for comments on rest of the patches before applying it. >> >> >> >> >>> --- >>> debian/control | 1 + >>> debian/rules | 2 +- >>> 2 files changed, 2 insertions(+), 1 deletion(-) >>> >>> diff --git a/debian/control b/debian/control >>> index 49d6f5f..3eac644 100644 >>> --- a/debian/control >>> +++ b/debian/control >>> @@ -9,6 +9,7 @@ Build-Depends: graphviz, >>> bzip2, >>> debhelper (>= 8), >>> dh-autoreconf, >>> + libcap-ng-dev, >>> libssl-dev, >>> libtool, >>> openssl, >>> diff --git a/debian/rules b/debian/rules >>> index d8e90c7..91621d3 100755 >>> --- a/debian/rules >>> +++ b/debian/rules >>> @@ -30,7 +30,7 @@ override_dh_autoreconf: >>> dh_autoreconf $(DH_AS_NEEDED) >>> >>> override_dh_auto_configure: >>> - dh_auto_configure -- --enable-ssl $(DATAPATH_CONFIGURE_OPTS) >>> + dh_auto_configure -- --enable-ssl --enable-libcapng=yes $(DATAPATH_CONFIGURE_OPTS) >>> >>> override_dh_auto_test: >>> ifeq (,$(filter nocheck,$(DEB_BUILD_OPTIONS))) >>> -- >>> 1.9.1 >>> >>> _______________________________________________ >>> dev mailing list >>> dev@openvswitch.org >>> http://openvswitch.org/mailman/listinfo/dev
diff --git a/debian/control b/debian/control index 49d6f5f..3eac644 100644 --- a/debian/control +++ b/debian/control @@ -9,6 +9,7 @@ Build-Depends: graphviz, bzip2, debhelper (>= 8), dh-autoreconf, + libcap-ng-dev, libssl-dev, libtool, openssl, diff --git a/debian/rules b/debian/rules index d8e90c7..91621d3 100755 --- a/debian/rules +++ b/debian/rules @@ -30,7 +30,7 @@ override_dh_autoreconf: dh_autoreconf $(DH_AS_NEEDED) override_dh_auto_configure: - dh_auto_configure -- --enable-ssl $(DATAPATH_CONFIGURE_OPTS) + dh_auto_configure -- --enable-ssl --enable-libcapng=yes $(DATAPATH_CONFIGURE_OPTS) override_dh_auto_test: ifeq (,$(filter nocheck,$(DEB_BUILD_OPTIONS)))
libcap-ng is going to be required to build Debian packages. Daemons will run as the ovs user and group, instead of root, to improve security. Signed-off-by: Andy Zhou <azhou@nicira.com> --- debian/control | 1 + debian/rules | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-)