On 10/5/2020 7:17 PM, Stephen Hemminger wrote:
On Mon, 5 Oct 2020 14:09:20 +0100
Ferruh Yigit <ferruh.yi...@intel.com> wrote:
On 10/5/2020 1:39 PM, Jakub Grajciar wrote:
Abstract socket address has no connection with
filesystem pathnames and the socket dissapears
once all open references are closed.
Memif pmd will use abstract socket address by default.
For backwards compatibility use new argument
'socket-abstract=no'
Why this backward compatibility is required? How the end user affected from
swithching to abstract sockets?
It would only matter if mixing applications with different versions.
Since when linux supports abstract sockets, does this switch will cause problem
with old kernel versions?
This is not new, it dates back to Linux 2.4 or earlier.
Is there any benefit of the abstract sockets other than socket cleaned
automatically (I assume for unix sockets it is done when file filesystem
reference removed)?
The big one is that applications don't have to blindly unlink the old filesystem
remnant. This means that if application can't bind it means another application
is still running with that name. So abstract sockets are safer.
Abstract sockets are not pathnames so they get handled differently by security
systems (like SELinux and AppArmor). This can be helpful in containers.
Hi Stephen, thank you for clarification.
