[ovs-discuss] Running userspace as nonroot
Ben Pfaff
blp at nicira.com
Mon Apr 11 16:42:49 UTC 2011
On Sat, Apr 09, 2011 at 02:42:10PM -0400, Aaron Rosen wrote:
> This patch made it work for me. I have one more question. I'm trying to run
> ovs on a cluster of machines that I don't have root on but I can probably
> get some permissions changed on some things.
>
> I'm wondering if you knew what would be required in order to get
> ovs-oepnflowd netdev at br0 --ports=eth0 tcp:130.127.39.220:6633 working?
I think that, at a minimum, ovs-openflowd would have to be able to
open AF_PACKET sockets and /dev/net/tun. The former requires the
CAP_NET_RAW capability. I don't know much about capabilities, so I
can't tell you how to give that to a process without making it root.
The latter is, I think, just a matter of file permissions.
More information about the discuss
mailing list