Re: create ovs port without root

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Thanks for answers,but as I see libvirt call ovs-vsctl that tries to connect to ovs-vswitchd socket,that have rw to root.how can I specify socket permissions in vswitchd?

On Thu, Mar 06, 2014 at 02:05:15PM +0400, Vasiliy Tolstov wrote:
> Hello! How can i operate with openvswitch without root rights?
> For example - i can add my user to kvm group and create vm from
> libvirt with my own user, but now i'm failed with creating port.
>
> errors in logs:
> Mar 06 14:04:46 selfip.ru ovs-vsctl[19065]:
> ovs|00001|vsctl|INFO|Called as ovs-vsctl --timeout=5 -- --if-exists
> del-port
> Mar 06 14:04:46 selfip.ru ovs-vsctl[19065]:
> ovs|00002|vsctl|ERR|'del-port' command requires at least 1 arguments
> Mar 06 14:04:46 selfip.ru libvirtd[6418]: internal error: Child
> process (ovs-vsctl --timeout=5 -- --if-exists del-port) unexpected
> exit status 1: ovs-vsctl: 'del-port' command requires at least 1
> arguments
> Mar 06 14:04:46 selfip.ru libvirtd[6418]: Unable to delete port (null)
> from OVS: Operation not permitted

I assume that any admin commands related to OVS will require
CAP_NET_ADMIN as is required for all non-OVS network tasks too,
which pretty much means you have to be root.

Regards,
Daniel
--
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|
_______________________________________________
libvirt-users mailing list
libvirt-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvirt-users

[Index of Archives]     [Virt Tools]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [KDE Users]

  Powered by Linux