[ovs-discuss] How to run ovs-vswitchd as non-root

Aishwarya aishu85 at gmail.com
Fri Sep 23 04:20:57 UTC 2011 

Hi Ben,

Yes, I did .. I saw that as well.. I thought you were saying otherwise when you mentioned that only the database is affected after adding the bridge. So, I was confirming.

Thanks for all your answers. Was very helpful.

Aish

On Sep 22, 2011, at 8:49 PM, Ben Pfaff <blp at nicira.com> wrote:

> Every bridge always has a local interface of the same name.
> 
> Have you read *ANY* of the documentation?  It mentions this all over.
> 
> On Thu, Sep 22, 2011 at 08:20:04PM -0700, Aishwarya wrote:
>> Hi Ben,
>> 
>> It seems like vsctl is also creating a local interface called br0. I
>> confirmed this by doing an ifconfig br0 before this command and after.
>> Before the vsctl add-br br0 command, ifconfig br0 says "no device found",
>> but after the command it allows me to assign an ipaddress to br0, and does
>> not give the error anymore.
>> 
>> Also, as you said, not running vswitchd as root is what was causing issues
>> when vsctl was trying to create a bridge. the br0.msgmt and snoop files were
>> not getting created.
>> 
>> Thanks,
>> Aish
>> 
>> On Thu, Sep 22, 2011 at 7:35 PM, Ben Pfaff <blp at nicira.com> wrote:
>> 
>>> ovs-vsctl only changes the database.  The database update completes
>>> successfully.
>>> 
>>> On Thu, Sep 22, 2011 at 06:15:46PM -0700, Aishwarya wrote:
>>>> Ok.. Apart from this, I also notice if I use ovs-vsctl add br0 without
>>> sudo,
>>>> it does not give me any error immediately, but when I try to set an ip
>>>> address for the br0 interface with sudo ifconfig, it says "no such device
>>>> exists". Is this because when run without sudo, vsctl add-br is not doing
>>>> this correctly? It may be helpful to see an error message in such a case.
>>>> 
>>>> Thanks,
>>>> AIsh
>>>> 
>>>> 
>>>> On Thu, Sep 22, 2011 at 4:18 PM, Ben Pfaff <blp at nicira.com> wrote:
>>>> 
>>>>> Yes.
>>>>> 
>>>>> Only root is allowed to change the kernel flow tables, for example.
>>>>> 
>>>>> On Thu, Sep 22, 2011 at 04:00:34PM -0700, Aishwarya wrote:
>>>>>> Hi Ben,
>>>>>> 
>>>>>> Using OVS_RUNDIR works for me. But are you saying running vswitchd as
>>> non
>>>>>> root will cause other issues in the functionality?
>>>>>> 
>>>>>> Thanks,
>>>>>> Aish
>>>>>> 
>>>>>> On Thu, Sep 22, 2011 at 3:27 PM, Ben Pfaff <blp at nicira.com> wrote:
>>>>>> 
>>>>>>> On Thu, Sep 22, 2011 at 03:05:57PM -0700, Aishwarya wrote:
>>>>>>>> ovsdb-server gives an option to specify the ctl socket path with
>>>>>>> --unixctl
>>>>>>>> option. So, this and specifying the pid file path make it
>>> possible to
>>>>> run
>>>>>>>> this from a non-root account or without sudo. Is there a way that
>>>>>>>> ovs-vswiitchd can also be run without sudo? Right now, I get this
>>>>> error:
>>>>>>>> ovs-vswitchd: could not initialize control socket
>>>>>>>> /usr/local/var/run/openvswitch/ovs-vswitchd.20342.ctl (Permission
>>>>>>> denied).
>>>>>>> 
>>>>>>> You can specify the OVS_RUNDIR environment variable.
>>>>>>> 
>>>>>>> There are other reasons that ovs-vswitchd normally requires root,
>>> so
>>>>>>> it might not help.
>>>>>>> 
>>>>> 
>>>

More information about the discuss mailing list