On Tue, Sep 22, 2015 at 05:51:10PM -0700, Andy Zhou wrote:
> Add configuration option for enabling or disabling linking with
> libcap-ng. Since capabilities are a security feature, the libcapng
> option is handled as follows:
>
> - no option: use libcapng if it's present
>
> --disable-libcapng: do not use libcapng
>
> --enable-libcapng: do use libcapng and fail configuration if
> it's missing
>
> On Linux, not linking with libcapng makes all OVS daemons fail when
> --user option is specified.
>
> Signed-off-by: Andy Zhou <[email protected]>
Thanks for writing this!
> + - libcap-ng, written by Steve Grubb, is optional but recommended
> + if you plan to user --user option for running Open vSwitch on
> + Linux with kernel based datapath. libcap-ng is required to run
> + OVS daemons as a non-root user with dropped root privileges. If
> + libcap-ng is installed, then Open vSwitch will automatically
> + build with support for it.
Maybe a little more straightforwardly:
- libcap-ng, written by Steve Grubb, is optional but recommended. It
is required to run OVS daemons as a non-root user with dropped root
privileges. If libcap-ng is installed, then Open vSwitch will
automatically build with support for it.
In m4/openvswitch.m4, I see two uses of == with the "test" command.
These should be "=". Also please quote cap-ng with [] here:
+ AC_CHECK_LIB(cap-ng, [capng_clear], [HAVE_LIBCAPNG=yes])
Acked-by: Ben Pfaff <[email protected]>
_______________________________________________
dev mailing list
[email protected]
http://openvswitch.org/mailman/listinfo/dev
