On Mon, Jul 31, 2017 at 08:42:40PM +0000, Hefty, Sean wrote: > > This lets systemd create the socket (to the admin's specifications) > > and starts ibacm when something connects to it. > > > > We are using this to improve boot ordering by ensuring that any > > rdma_cm clients that would use ibacm block until ibacm is started up > > properly. > > A user could also use this to demand start ibacm, but that means it > > would not plug into kernel RMDA local services for caching. > > > > For security, the socket will be created on the lo interface by > > default. > > The admin can change this back to the old daemon behavior with a > > systemd drop in. > > Calling this change out to increase visibility. Right, is the remote access use case typical? Someone should also add some systemd compartmentalization directives (see srp_daemon_port.service.in for some ideas) to help harden things for an unpriv access daemon. Jason -- To unsubscribe from this list: send the line "unsubscribe linux-rdma" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
