Bug 1297827 - [RFE] Support non-root OVS (including DPDK)
Summary: [RFE] Support non-root OVS (including DPDK)
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: openvswitch
Version: 7.3
Hardware: Unspecified
OS: Unspecified
medium
medium
Target Milestone: rc
: ---
Assignee: Aaron Conole
QA Contact: qding
URL:
Whiteboard:
Depends On:
Blocks: 1297820 1317889
TreeView+ depends on / blocked
 
Reported: 2016-01-12 14:50 UTC by Aaron Conole
Modified: 2018-07-16 15:28 UTC (History)
11 users (show)

Fixed In Version: openvswitch-2.8.0-1.el7fdb
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2018-02-16 13:11:31 UTC
Target Upstream Version:

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description Aaron Conole 2016-01-12 14:50:41 UTC 
Description of problem:

As part of the '--user' feature to run Open vSwitch as non-root user, the /var/run/openvswitch directory which is created by systemd will have incorrect ownership. 

Version-Release number of selected component (if applicable):

2.5

How reproducible:

100%

Attempting to start openvswitch as a non-root user will expose the issue. A workaround exists by manually creating /var/run/openvswitch and assigning permissions before running 'systemctl start openvswitch'
Comment 4 Flavio Leitner 2017-02-20 14:13:29 UTC 
Note: OVS-DPDK still requires root privileges to work.
Comment 6 Aaron Conole 2017-08-02 18:19:23 UTC 
https://mail.openvswitch.org/pipermail/ovs-dev/2017-August/336558.html posted
Comment 7 Aaron Conole 2017-08-09 20:49:09 UTC 
This series was accepted, and will be available as part of 2.8
Comment 11 qding 2017-11-22 09:48:36 UTC 
Reproduced:

[root@dell-per730-05 run]# rpm -q openvswitch
openvswitch-2.7.3-2.git20171010.el7fdp.x86_64
[root@dell-per730-05 run]# ls -ld /var/run/openvswitch
drwxr-xr-x. 2 root root 140 Nov 22 04:35 /var/run/openvswitch
[root@dell-per730-05 run]# 
[root@dell-per730-05 run]# ps aux | grep ovs
root      18502  0.0  0.0  50524  2640 ?        S<s  04:34   0:00 ovsdb-server /etc/openvswitch/conf.db -vconsole:emer -vsyslog:err -vfile:info --remote=punix:/var/run/openvswitch/db.sock --private-key=db:Open_vSwitch,SSL,private_key --certificate=db:Open_vSwitch,SSL,certificate --bootstrap-ca-cert=db:Open_vSwitch,SSL,ca_cert --no-chdir --ll
og-file=/var/log/openvswitch/ovsdb-server.log --pidfile=/var/run/openvswitch/ovsdb-server.pid --detach
root      18546  0.0  0.0  54252 15140 ?        S<Ls 04:34   0:00 ovs-vswitchd unix:/var/run/openvswitch/db.sock -vconsole:emer -vsyslog:err -vfile:info --mlockall --no-chdir --log-file=/var/log/openvswitch/ovs-vswitchd.log --pidfile=/var/run/openvswitch/ovs-vswitchd.pid --detach



Verified:

[root@dell-per730-04 run]# rpm -q openvswitch
openvswitch-2.8.0-4.el7fdb.x86_64
[root@dell-per730-04 run]# ls -ld /var/run/openvswitch/
drwxr-xr-x. 2 openvswitch hugetlbfs 340 Nov 22 03:56 /var/run/openvswitch/
[root@dell-per730-04 run]# 
[root@dell-per730-04 ~]# ps aux | grep ovs
openvsw+   2885  0.0  0.0  59360  2764 ?        S<s  03:56   0:00 ovsdb-server /etc/openvswitch/conf.db -vconsole:emer -vsyslog:err -vfile:info --remote=punix:/var/run/openvswitch/db.sock --private-key=db:Open_vSwitch,SSL,private_key --certificate=db:Open_vSwitch,SSL,certificate --bootstrap-ca-cert=db:Open_vSwitch,SSL,ca_cert --user openvswitch:hugetlbfs --no-chdir --log-file=/var/log/openvswitch/ovsdb-server.log --pidfile=/var/run/openvswitch/ovsdb-server.pid --detach
openvsw+   2950  0.0  0.0  63256 18008 ?        S<Ls 03:56   0:00 ovs-vswitchd unix:/var/run/openvswitch/db.sock -vconsole:emer -vsyslog:err -vfile:info --mlockall --user openvswitch:hugetlbfs --no-chdir --log-file=/var/log/openvswitch/ovs-vswitchd.log --pidfile=/var/run/openvswitch/ovs-vswitchd.pid --detach
Comment 12 Flavio Leitner 2018-02-16 13:11:31 UTC 
Closing resolved bugs.
Note You need to log in before you can comment on or make changes to this bug.