[ovs-dev] [PATCH RFC 3/3] manager: Allow change to punix socket file group ownership.
Alex Wang
alexw at nicira.com
Sat Aug 22 06:10:33 UTC 2015
This commit adds a new key-value pair, 'punix_file_group=<user group>',
to the 'other_config' column in the 'Manager' table. This new config
allows user to change the punix socket file's group ownership, so that
non-root process can also connect to ovsdb-server.
Signed-off-by: Alex Wang <alexw at nicira.com>
---
ovsdb/jsonrpc-server.c | 6 ++++++
ovsdb/jsonrpc-server.h | 1 +
ovsdb/ovsdb-server.c | 2 ++
vswitchd/vswitch.xml | 16 ++++++++++++++++
4 files changed, 25 insertions(+)
diff --git a/ovsdb/jsonrpc-server.c b/ovsdb/jsonrpc-server.c
index fffcb73..387a7a0 100644
--- a/ovsdb/jsonrpc-server.c
+++ b/ovsdb/jsonrpc-server.c
@@ -32,6 +32,7 @@
#include "row.h"
#include "server.h"
#include "simap.h"
+#include "socket-util.h"
#include "stream.h"
#include "table.h"
#include "timeval.h"
@@ -227,6 +228,11 @@ ovsdb_jsonrpc_server_set_remotes(struct ovsdb_jsonrpc_server *svr,
}
ovsdb_jsonrpc_session_set_all_options(remote, options);
+
+ if (!strncmp(node->name, "punix:", 6)) {
+ unix_socket_set_file_group(node->name + 6,
+ options->punix_file_group);
+ }
}
}
diff --git a/ovsdb/jsonrpc-server.h b/ovsdb/jsonrpc-server.h
index fce8b7b..36a15f3 100644
--- a/ovsdb/jsonrpc-server.h
+++ b/ovsdb/jsonrpc-server.h
@@ -35,6 +35,7 @@ struct ovsdb_jsonrpc_options {
int max_backoff; /* Maximum reconnection backoff, in msec. */
int probe_interval; /* Max idle time before probing, in msec. */
int dscp; /* Dscp value for manager connections */
+ const char *punix_file_group; /* For setting the punix file's group. */
};
struct ovsdb_jsonrpc_options *
ovsdb_jsonrpc_default_options(const char *target);
diff --git a/ovsdb/ovsdb-server.c b/ovsdb/ovsdb-server.c
index cd13b0d..8dca006 100644
--- a/ovsdb/ovsdb-server.c
+++ b/ovsdb/ovsdb-server.c
@@ -770,6 +770,8 @@ add_manager_options(struct shash *remotes, const struct ovsdb_row *row)
options->dscp = dscp;
}
}
+ options->punix_file_group = read_map_string_column(row, "other_config",
+ "punix_file_group");
}
static void
diff --git a/vswitchd/vswitch.xml b/vswitchd/vswitch.xml
index 6f6e0ed..ae7abfb 100644
--- a/vswitchd/vswitch.xml
+++ b/vswitchd/vswitch.xml
@@ -4286,6 +4286,22 @@
default value of 48 is chosen. Valid DSCP values must be in the range
0 to 63.
</column>
+
+ <column name="other_config" key="punix_file_group"
+ type='{"type": "string"}'>
+ <p>
+ When connection method in <ref column="target"/> is
+ <code>punix</code>, this config specifies the user group to which
+ the group ownership for 'punix' (unix domain socket) file created
+ by ovsdb will be applied. Also, the file's access permission will be
+ changed to '0770'.
+ </p>
+ <p>
+ By default, the 'punix' file is associated with the 'root'
+ group and have access permission '0700'. If this config is
+ not specified or specified as 'root', the default is restored.
+ </p>
+ </column>
</group>
<group title="Common Columns">
--
1.7.9.5
More information about the dev
mailing list