Signed-off-by: Justin Pettit <jpet...@ovn.org> --- lib/daemon.man | 2 +- lib/daemon.xml | 9 +++++---- 2 files changed, 6 insertions(+), 5 deletions(-)
diff --git a/lib/daemon.man b/lib/daemon.man index f4e79ac..2855c2d 100644 --- a/lib/daemon.man +++ b/lib/daemon.man @@ -74,7 +74,7 @@ allowed, with current user or group are assumed respectively. Only daemons started by the root user accepts this argument. .IP On Linux, daemons will be granted CAP_IPC_LOCK and CAP_NET_BIND_SERVICES -before dropping root privileges. Daemons interact with datapath, +before dropping root privileges. Daemons that interact with a datapath, such as ovs-vswitchd, will be granted two additional capabilities, namely CAP_NET_ADMIN and CAP_NET_RAW. The capability change will apply even if new user is "root". diff --git a/lib/daemon.xml b/lib/daemon.xml index d752e99..737ae55 100644 --- a/lib/daemon.xml +++ b/lib/daemon.xml @@ -106,10 +106,11 @@ <p> On Linux, daemons will be granted <code>CAP_IPC_LOCK</code> and <code>CAP_NET_BIND_SERVICES</code> before dropping root privileges. - Daemons interact with datapath, such as <code>ovs-vswitchd</code>, will - be granted two additional capabilities, namely <code>CAP_NET_ADMIN</code> - and <code>CAP_NET_RAW</code>. The capability change will apply even if - the new user is root. + Daemons that interact with a datapath, such as + <code>ovs-vswitchd</code>, will be granted two additional + capabilities, namely <code>CAP_NET_ADMIN</code> and + <code>CAP_NET_RAW</code>. The capability change will apply even + if the new user is root. </p> <p> -- 1.9.1 _______________________________________________ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev