Hi Ben,
I couldn't find a working solution for supporting running ovs as root and as
another user.
There seems to be some difference when running ovs-vswithd without the --user
parameter and with --user=root:root which affects the permission to use UIO.
Only without --user I'm able to use UIO.
So my current fix includes to remove "--ovs-user=${OVS_USER_ID} \" from
ovs-vswitchd.service.
Comparing the logs from each execution the difference is that when using --user
the following error appears:
2018-01-05T19:33:08.285Z|00012|dpdk|ERR|EAL: Cannot obtain physical addresses:
No such file or directory. Only vfio will function.
My guess is that when the daemon is switch from native root:root to the --user
root:root it looses some permission related to /proc/self/pagemap. Do you have
any suggestion on how to move forward? One way around would be to define an
exception to not try to switch the user when the value is root:root.
Regards,
Marcos Schwarz
----- Original Message -----
From: "Ben Pfaff" <b...@ovn.org>
To: "Marcos Felipe Schwarz" <marcos.schw...@rnp.br>
Cc: ovs-discuss@openvswitch.org
Sent: Monday, November 27, 2017 6:31:39 PM
Subject: Re: [ovs-discuss] DPDK with UIO drivers is broken on Fedora since OVS
2.8.0
On Tue, Nov 21, 2017 at 12:08:51PM -0200, Marcos Felipe Schwarz wrote:
> Hi,
>
> The current solution for running OVS with non-root user in Fedora makes it
> not possible to support UIO drivers [1].
> Setting the user to root:root via /etc/sysconfig/openvswitch should be a
> solution, but it is also currently broken, since the systemd
> ovs-vswitchd.service is forcing the group :hugetlbfs to /dev/hugepages [2],
> which breaks root access to it.
> Would it be possible to change the permissions only if the user in not root?
> Currently I can only make UIO work on fedora removing this hardcoded
> permissions on the systemd files. I believe that either root:root should not
> conflict with the systemd script or be explicitly unsupported.
>
> [1] For Linux kernel 4.0 and newer, the ability to obtain physical page frame
> numbers for unprivileged users from /proc/self/pagemap was removed.
> Source.
> http://dpdk.org/browse/dpdk/commit/?id=cdc242f260e766bd95a658b5e0686a62ec04f5b0
> [2] ExecStartPre=-/usr/bin/chown :hugetlbfs /dev/hugepages.
> https://github.com/openvswitch/ovs/blob/master/rhel/usr_lib_systemd_system_ovs-vswitchd.service.in
Are you able to submit a patch to solve the problem? It sounds like you
have a specific idea about what should be done.
_______________________________________________
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
