[ovs-dev] [PATCH 2/8] lib/daemon: support --user option for all OVS daemon
Andy Zhou
azhou at nicira.com
Thu Oct 1 03:50:13 UTC 2015
On Tue, Sep 29, 2015 at 5:19 PM, Ben Pfaff <blp at nicira.com> wrote:
> On Tue, Sep 22, 2015 at 05:51:11PM -0700, Andy Zhou wrote:
>> OVS daemons can now support --user option to run as a non-root
>> user with less privileges.
>>
>> See the manpage patch for more descriptions.
>>
>> Signed-off-by: Andy Zhou <azhou at nicira.com>
>
> ...
>
>> +void
>> +dameon_become_new_user(bool access_datapath OVS_UNUSED)
>
> s/dameon/daemon/ above.
>
>> +.IP
>> +On Windows, this option is not currently supported. For security reasons,
>> +Specifying this option will cause the daemon process not to start.
>
> s/Specifying/specifying/ above.
>
> There's a change to the comment on read_pidfile() that looks like a
> typo.
>
> I'm not really sure why the caller of daemon_become_new_user() needs to
> check the OS type to decide on 'access_datapath' and then
> daemon_become_new_user() verifies that it's correct for the OS. I would
> guess that it could just be hardcoded for the caller (e.g. always "true"
> for ovs-vswitchd) and then daemon_become_new_user() only needs to do
> anything special if it's running on Linux.
>
> Acked-by: Ben Pfaff <blp at nicira.com>
Thanks. Applied to master with the changes suggested.
>
More information about the dev
mailing list