From d41a0b75aac67da9267386bde61c898d37fb3f17 Mon Sep 17 00:00:00 2001 From: Florian Eckert Date: Wed, 29 Apr 2020 19:40:46 +0200 Subject: [PATCH] keepalived: add script security param to fix warning Openwrt is a single user system. So keepalived is runnig as root. If we add the config options `script_user root` and `enabled_script_security' the following warnings are gone. > local1.info Keepalived_vrrp[5382]: SECURITY VIOLATION - scripts are being executed but script_security not enabled. Signed-off-by: Florian Eckert (cherry picked from commit 1b1ba710632f8f4850f02c22e83734a6c8b5c41a) --- net/keepalived/Makefile | 2 +- net/keepalived/files/keepalived.init | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/net/keepalived/Makefile b/net/keepalived/Makefile index ec0a6d32d..e89824e0e 100644 --- a/net/keepalived/Makefile +++ b/net/keepalived/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=keepalived PKG_VERSION:=2.0.18 -PKG_RELEASE:=3 +PKG_RELEASE:=4 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://www.keepalived.org/software diff --git a/net/keepalived/files/keepalived.init b/net/keepalived/files/keepalived.init index cf425e872..dc4eb21d5 100644 --- a/net/keepalived/files/keepalived.init +++ b/net/keepalived/files/keepalived.init @@ -104,6 +104,9 @@ global_defs() { config_get_bool linkbeat_use_polling "$1" linkbeat_use_polling 0 [ "$linkbeat_use_polling" -gt 0 ] && printf 'linkbeat_use_polling\n\n' >> "$KEEPALIVED_CONF" + printf '%bscript_user root\n' "${INDENT_1}" >> "$KEEPALIVED_CONF" + printf '%benabled_script_security\n' "${INDENT_1}" >> "$KEEPALIVED_CONF" + config_get notification_email "$1" notification_email print_list_indent notification_email