Hi Ben, I couldn't find a working solution for supporting running ovs as root and as another user. There seems to be some difference when running ovs-vswithd without the --user parameter and with --user=root:root which affects the permission to use UIO. Only without --user I'm able to use UIO. So my current fix includes to remove "--ovs-user=${OVS_USER_ID} \" from ovs-vswitchd.service.
Comparing the logs from each execution the difference is that when using --user the following error appears: 2018-01-05T19:33:08.285Z|00012|dpdk|ERR|EAL: Cannot obtain physical addresses: No such file or directory. Only vfio will function. My guess is that when the daemon is switch from native root:root to the --user root:root it looses some permission related to /proc/self/pagemap. Do you have any suggestion on how to move forward? One way around would be to define an exception to not try to switch the user when the value is root:root. Regards, Marcos Schwarz ----- Original Message ----- From: "Ben Pfaff" <b...@ovn.org> To: "Marcos Felipe Schwarz" <marcos.schw...@rnp.br> Cc: ovs-discuss@openvswitch.org Sent: Monday, November 27, 2017 6:31:39 PM Subject: Re: [ovs-discuss] DPDK with UIO drivers is broken on Fedora since OVS 2.8.0 On Tue, Nov 21, 2017 at 12:08:51PM -0200, Marcos Felipe Schwarz wrote: > Hi, > > The current solution for running OVS with non-root user in Fedora makes it > not possible to support UIO drivers [1]. > Setting the user to root:root via /etc/sysconfig/openvswitch should be a > solution, but it is also currently broken, since the systemd > ovs-vswitchd.service is forcing the group :hugetlbfs to /dev/hugepages [2], > which breaks root access to it. > Would it be possible to change the permissions only if the user in not root? > Currently I can only make UIO work on fedora removing this hardcoded > permissions on the systemd files. I believe that either root:root should not > conflict with the systemd script or be explicitly unsupported. > > [1] For Linux kernel 4.0 and newer, the ability to obtain physical page frame > numbers for unprivileged users from /proc/self/pagemap was removed. > Source. > http://dpdk.org/browse/dpdk/commit/?id=cdc242f260e766bd95a658b5e0686a62ec04f5b0 > [2] ExecStartPre=-/usr/bin/chown :hugetlbfs /dev/hugepages. > https://github.com/openvswitch/ovs/blob/master/rhel/usr_lib_systemd_system_ovs-vswitchd.service.in Are you able to submit a patch to solve the problem? It sounds like you have a specific idea about what should be done. _______________________________________________ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss