On Tue, Sep 29, 2015 at 5:06 PM, Ben Pfaff <b...@nicira.com> wrote: > On Tue, Sep 22, 2015 at 05:51:10PM -0700, Andy Zhou wrote: >> Add configuration option for enabling or disabling linking with >> libcap-ng. Since capabilities are a security feature, the libcapng >> option is handled as follows: >> >> - no option: use libcapng if it's present >> >> --disable-libcapng: do not use libcapng >> >> --enable-libcapng: do use libcapng and fail configuration if >> it's missing >> >> On Linux, not linking with libcapng makes all OVS daemons fail when >> --user option is specified. >> >> Signed-off-by: Andy Zhou <az...@nicira.com> > > Thanks for writing this! The commit message are mostly stolen from the review comments. So the reviewer should get the credits :-) > >> + - libcap-ng, written by Steve Grubb, is optional but recommended >> + if you plan to user --user option for running Open vSwitch on >> + Linux with kernel based datapath. libcap-ng is required to run >> + OVS daemons as a non-root user with dropped root privileges. If >> + libcap-ng is installed, then Open vSwitch will automatically >> + build with support for it. > > Maybe a little more straightforwardly: > > - libcap-ng, written by Steve Grubb, is optional but recommended. It > is required to run OVS daemons as a non-root user with dropped root > privileges. If libcap-ng is installed, then Open vSwitch will > automatically build with support for it. > > In m4/openvswitch.m4, I see two uses of == with the "test" command. > These should be "=". Also please quote cap-ng with [] here: > + AC_CHECK_LIB(cap-ng, [capng_clear], [HAVE_LIBCAPNG=yes]) > > Acked-by: Ben Pfaff <b...@nicira.com>
Thanks for the review. Applied to master with changes suggested. _______________________________________________ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
