Russell Bryant <[email protected]> writes: > On Fri, Aug 4, 2017 at 1:00 PM, Aaron Conole <[email protected]> wrote: >> After this commit, users may start a dpdk-enabled ovs setup as a >> non-root user. This is accomplished by exporting the $HOME directory, >> which dpdk uses to fill in it's semi-persistent RTE configuration. >> >> This change may be a bit controversial since it modifies /dev/hugepages >> as part of starting the ovs-vswitchd to set a hugetlbfs group >> ownership. This is used to enable writing to /dev/hugepages so that the >> dpdk_init will successfully complete. There is an alternate way of >> accomplishing this - namely to initialize DPDK before dropping >> privileges. However, this would mean that if DPDK ever grows an uninit >> / reinit function, non-root ovs likely could never use it. > > Indeed ... the modifications to /dev/hugepages don't look ideal ... > > If this was truly limited to when DPDK was in use, I'd feel better > about it. We want to build a single package for OVS, right? The > package will have DPDK enabled, even for normal uses that won't use > DPDK. That means these modifications take place even for non-DPDK > use. I'd feel more comfortable if it could be restricted to only when > DPDK was actually in use. Maybe some of this logic could be moved > into ovs-ctl so that the check could be at runtime?
I couldn't find a way of doing that check. It is possible to dynamically enable dpdk (since commit ec2b070143c2 "dpdk: Late initialization"), which means we would need something constantly polling for the status change -OR- we would need to have a way of changing gid in response to the database change. The second might be possible but would require some changes in ovs-vswitchd. >> >> This does not change OvS+DPDK's SELinux requirements. It still must be >> disabled. >> >> Signed-off-by: Aaron Conole <[email protected]> >> --- >> Documentation/intro/install/dpdk.rst | 7 +++++++ >> NEWS | 1 + >> rhel/README.RHEL.rst | 11 +++++++++++ >> rhel/openvswitch-fedora.spec.in | 13 +++++++++++++ >> rhel/usr_lib_systemd_system_ovs-vswitchd.service.in | 5 +++++ >> 5 files changed, 37 insertions(+) _______________________________________________ dev mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-dev
