From 1b1ba710632f8f4850f02c22e83734a6c8b5c41a Mon Sep 17 00:00:00 2001
From: Florian Eckert <fe@dev.tdt.de>
Date: Wed, 29 Apr 2020 19:40:46 +0200
Subject: keepalived: add script security param to fix warning

Openwrt is a single user system. So keepalived is runnig as root.
If we add the config options `script_user root` and
`enabled_script_security' the following warnings are gone.

> local1.info Keepalived_vrrp[5382]: SECURITY VIOLATION - scripts are
being executed but script_security not enabled.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
---
 net/keepalived/files/keepalived.init | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/net/keepalived/files/keepalived.init b/net/keepalived/files/keepalived.init
index 05c47bb36..7af3f9c61 100644
--- a/net/keepalived/files/keepalived.init
+++ b/net/keepalived/files/keepalived.init
@@ -98,6 +98,9 @@ print_notify() {
 globals() {
 	local notification_email
 
+	printf '%bscript_user root\n' "${INDENT_1}" >> "$KEEPALIVED_CONF"
+	printf '%benabled_script_security\n' "${INDENT_1}" >> "$KEEPALIVED_CONF"
+
 	config_get notification_email "$1" notification_email
 	print_list_indent notification_email
 
-- 
cgit v1.2.3