I don't believe we have a feature for that yet, but it seems like a reasonable feature to add if you wish to contribute it. On Fri, Mar 7, 2014 at 3:02 AM, Vasiliy Tolstov <v.tolstov@xxxxxxxxx> wrote: > Thanks for answers,but as I see libvirt call ovs-vsctl that tries to connect > to ovs-vswitchd socket,that have rw to root.how can I specify socket > permissions in vswitchd? > > On Thu, Mar 06, 2014 at 02:05:15PM +0400, Vasiliy Tolstov wrote: >> Hello! How can i operate with openvswitch without root rights? >> For example - i can add my user to kvm group and create vm from >> libvirt with my own user, but now i'm failed with creating port. >> >> errors in logs: >> Mar 06 14:04:46 selfip.ru ovs-vsctl[19065]: >> ovs|00001|vsctl|INFO|Called as ovs-vsctl --timeout=5 -- --if-exists >> del-port >> Mar 06 14:04:46 selfip.ru ovs-vsctl[19065]: >> ovs|00002|vsctl|ERR|'del-port' command requires at least 1 arguments >> Mar 06 14:04:46 selfip.ru libvirtd[6418]: internal error: Child >> process (ovs-vsctl --timeout=5 -- --if-exists del-port) unexpected >> exit status 1: ovs-vsctl: 'del-port' command requires at least 1 >> arguments >> Mar 06 14:04:46 selfip.ru libvirtd[6418]: Unable to delete port (null) >> from OVS: Operation not permitted > > I assume that any admin commands related to OVS will require > CAP_NET_ADMIN as is required for all non-OVS network tasks too, > which pretty much means you have to be root. > > Regards, > Daniel > -- > |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ > :| > |: http://libvirt.org -o- http://virt-manager.org > :| > |: http://autobuild.org -o- http://search.cpan.org/~danberr/ > :| > |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc > :| -- "I don't normally do acked-by's. I think it's my way of avoiding getting blamed when it all blows up." Andrew Morton _______________________________________________ libvirt-users mailing list libvirt-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvirt-users
