6:05 p.m.
Hello! How can i operate with openvswitch without root rights?
For example - i can add my user to kvm group and create vm from
libvirt with my own user, but now i'm failed with creating port.
errors in logs:
Mar 06 14:04:46 selfip.ru ovs-vsctl[19065]:
ovs|00001|vsctl|INFO|Called as ovs-vsctl --timeout=5 -- --if-exists
del-port
Mar 06 14:04:46 selfip.ru ovs-vsctl[19065]:
ovs|00002|vsctl|ERR|'del-port' command requires at least 1 arguments
Mar 06 14:04:46 selfip.ru libvirtd[6418]: internal error: Child
process (ovs-vsctl --timeout=5 -- --if-exists del-port) unexpected
exit status 1: ovs-vsctl: 'del-port' command requires at least 1
arguments
Mar 06 14:04:46 selfip.ru libvirtd[6418]: Unable to delete port (null)
from OVS: Operation not permitted
--
Vasiliy Tolstov,
e-mail: v.tolstov(a)selfip.ru
jabber: vase(a)selfip.ru
2:27 a.m.
New subject: [libvirt-users] [ovs-discuss] create ovs port without root
The error that you're showing doesn't appear to be related to permissions; the
"ovs-vsctl del-port" command requires that you specify the port that you want to
delete.
--Justin
On Mar 6, 2014, at 2:05 AM, Vasiliy Tolstov <v.tolstov(a)selfip.ru> wrote:
Hello! How can i operate with openvswitch without root rights?
For example - i can add my user to kvm group and create vm from
libvirt with my own user, but now i'm failed with creating port.
errors in logs:
Mar 06 14:04:46 selfip.ru ovs-vsctl[19065]:
ovs|00001|vsctl|INFO|Called as ovs-vsctl --timeout=5 -- --if-exists
del-port
Mar 06 14:04:46 selfip.ru ovs-vsctl[19065]:
ovs|00002|vsctl|ERR|'del-port' command requires at least 1 arguments
Mar 06 14:04:46 selfip.ru libvirtd[6418]: internal error: Child
process (ovs-vsctl --timeout=5 -- --if-exists del-port) unexpected
exit status 1: ovs-vsctl: 'del-port' command requires at least 1
arguments
Mar 06 14:04:46 selfip.ru libvirtd[6418]: Unable to delete port (null)
from OVS: Operation not permitted
--
Vasiliy Tolstov,
e-mail: v.tolstov(a)selfip.ru
jabber: vase(a)selfip.ru
_______________________________________________
discuss mailing list
discuss(a)openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss
3:05 a.m.
New subject: [libvirt-users] [ovs-discuss] create ovs port without root
2014-03-06 22:27 GMT+04:00 Justin Pettit <jpettit(a)nicira.com>:
The error that you're showing doesn't appear to be related to
permissions; the "ovs-vsctl del-port" command requires that you specify the port
that you want to delete.
Yes, but how i understand libvirt with user rights can't connect to
ovs-vswitchd socket....
--
Vasiliy Tolstov,
e-mail: v.tolstov(a)selfip.ru
jabber: vase(a)selfip.ru
7:09 a.m.
New subject: [libvirt-users] [ovs-discuss] create ovs port without root
Start openvswitch service
Le 6 mars 2014 19:27, "Justin Pettit" <jpettit(a)nicira.com> a écrit :
The error that you're showing doesn't appear to be related to
permissions;
the "ovs-vsctl del-port" command requires that you specify the port that
you want to delete.
--Justin
On Mar 6, 2014, at 2:05 AM, Vasiliy Tolstov <v.tolstov(a)selfip.ru> wrote:
> Hello! How can i operate with openvswitch without root rights?
> For example - i can add my user to kvm group and create vm from
> libvirt with my own user, but now i'm failed with creating port.
>
> errors in logs:
> Mar 06 14:04:46 selfip.ru ovs-vsctl[19065]:
> ovs|00001|vsctl|INFO|Called as ovs-vsctl --timeout=5 -- --if-exists
> del-port
> Mar 06 14:04:46 selfip.ru ovs-vsctl[19065]:
> ovs|00002|vsctl|ERR|'del-port' command requires at least 1 arguments
> Mar 06 14:04:46 selfip.ru libvirtd[6418]: internal error: Child
> process (ovs-vsctl --timeout=5 -- --if-exists del-port) unexpected
> exit status 1: ovs-vsctl: 'del-port' command requires at least 1
> arguments
> Mar 06 14:04:46 selfip.ru libvirtd[6418]: Unable to delete port (null)
> from OVS: Operation not permitted
>
>
> --
> Vasiliy Tolstov,
> e-mail: v.tolstov(a)selfip.ru
> jabber: vase(a)selfip.ru
> _______________________________________________
> discuss mailing list
> discuss(a)openvswitch.org
> http://openvswitch.org/mailman/listinfo/discuss
_______________________________________________
discuss mailing list
discuss(a)openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss
5:33 p.m.
On Thu, Mar 06, 2014 at 02:05:15PM +0400, Vasiliy Tolstov wrote:
Hello! How can i operate with openvswitch without root rights?
For example - i can add my user to kvm group and create vm from
libvirt with my own user, but now i'm failed with creating port.
errors in logs:
Mar 06 14:04:46 selfip.ru ovs-vsctl[19065]:
ovs|00001|vsctl|INFO|Called as ovs-vsctl --timeout=5 -- --if-exists
del-port
Mar 06 14:04:46 selfip.ru ovs-vsctl[19065]:
ovs|00002|vsctl|ERR|'del-port' command requires at least 1 arguments
Mar 06 14:04:46 selfip.ru libvirtd[6418]: internal error: Child
process (ovs-vsctl --timeout=5 -- --if-exists del-port) unexpected
exit status 1: ovs-vsctl: 'del-port' command requires at least 1
arguments
Mar 06 14:04:46 selfip.ru libvirtd[6418]: Unable to delete port (null)
from OVS: Operation not permitted
I assume that any admin commands related to OVS will require
CAP_NET_ADMIN as is required for all non-OVS network tasks too,
which pretty much means you have to be root.
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
7:02 p.m.
Thanks for answers,but as I see libvirt call ovs-vsctl that tries to
connect to ovs-vswitchd socket,that have rw to root.how can I specify
socket permissions in vswitchd?
On Thu, Mar 06, 2014 at 02:05:15PM +0400, Vasiliy Tolstov wrote:
Hello! How can i operate with openvswitch without root rights?
For example - i can add my user to kvm group and create vm from
libvirt with my own user, but now i'm failed with creating port.
errors in logs:
Mar 06 14:04:46 selfip.ru ovs-vsctl[19065]:
ovs|00001|vsctl|INFO|Called as ovs-vsctl --timeout=5 -- --if-exists
del-port
Mar 06 14:04:46 selfip.ru ovs-vsctl[19065]:
ovs|00002|vsctl|ERR|'del-port' command requires at least 1 arguments
Mar 06 14:04:46 selfip.ru libvirtd[6418]: internal error: Child
process (ovs-vsctl --timeout=5 -- --if-exists del-port) unexpected
exit status 1: ovs-vsctl: 'del-port' command requires at least 1
arguments
Mar 06 14:04:46 selfip.ru libvirtd[6418]: Unable to delete port (null)
from OVS: Operation not permitted
I assume that any admin commands related to OVS will require
CAP_NET_ADMIN as is required for all non-OVS network tasks too,
which pretty much means you have to be root.
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/:|
|: http://libvirt.org -o- http://virt-manager.org:|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/:|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc:|
2 a.m.
New subject: [libvirt-users] [ovs-discuss] create ovs port without root
I don't believe we have a feature for that yet, but it seems like a
reasonable feature to add if you wish to contribute it.
On Fri, Mar 7, 2014 at 3:02 AM, Vasiliy Tolstov <v.tolstov(a)selfip.ru> wrote:
Thanks for answers,but as I see libvirt call ovs-vsctl that tries to
connect
to ovs-vswitchd socket,that have rw to root.how can I specify socket
permissions in vswitchd?
On Thu, Mar 06, 2014 at 02:05:15PM +0400, Vasiliy Tolstov wrote:
> Hello! How can i operate with openvswitch without root rights?
> For example - i can add my user to kvm group and create vm from
> libvirt with my own user, but now i'm failed with creating port.
>
> errors in logs:
> Mar 06 14:04:46 selfip.ru ovs-vsctl[19065]:
> ovs|00001|vsctl|INFO|Called as ovs-vsctl --timeout=5 -- --if-exists
> del-port
> Mar 06 14:04:46 selfip.ru ovs-vsctl[19065]:
> ovs|00002|vsctl|ERR|'del-port' command requires at least 1 arguments
> Mar 06 14:04:46 selfip.ru libvirtd[6418]: internal error: Child
> process (ovs-vsctl --timeout=5 -- --if-exists del-port) unexpected
> exit status 1: ovs-vsctl: 'del-port' command requires at least 1
> arguments
> Mar 06 14:04:46 selfip.ru libvirtd[6418]: Unable to delete port (null)
> from OVS: Operation not permitted
I assume that any admin commands related to OVS will require
CAP_NET_ADMIN as is required for all non-OVS network tasks too,
which pretty much means you have to be root.
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/
:|
|: http://libvirt.org -o- http://virt-manager.org
:|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/
:|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc
:|
--
"I don't normally do acked-by's. I think it's my way of avoiding
getting blamed when it all blows up." Andrew Morton
3837
days inactive
3838
days old
6 comments
5 participants
participants (5)
-
Aymen Fitati -
Ben Pfaff -
Daniel P. Berrange -
Justin Pettit -
Vasiliy Tolstov