Ryan Moats/Omaha/IBM wrote on 08/25/2016 09:19:49 AM: > From: Ryan Moats/Omaha/IBM > To: Justin Pettit <jpet...@ovn.org> > Cc: dev@openvswitch.org > Date: 08/25/2016 09:19 AM > Subject: Re: [ovs-dev] [PATCH 2/3] daemon: Minor tweaking of man > page fragment. > > "dev" <dev-boun...@openvswitch.org> wrote on 08/11/2016 01:09:13 AM: > > > From: Justin Pettit <jpet...@ovn.org> > > To: dev@openvswitch.org > > Date: 08/22/2016 01:36 PM > > Subject: [ovs-dev] [PATCH 2/3] daemon: Minor tweaking of man page fragment. > > Sent by: "dev" <dev-boun...@openvswitch.org> > > > > Signed-off-by: Justin Pettit <jpet...@ovn.org> > > --- > > lib/daemon.man | 2 +- > > lib/daemon.xml | 9 +++++---- > > 2 files changed, 6 insertions(+), 5 deletions(-) > > > > diff --git a/lib/daemon.man b/lib/daemon.man > > index f4e79ac..2855c2d 100644 > > --- a/lib/daemon.man > > +++ b/lib/daemon.man > > @@ -74,7 +74,7 @@ allowed, with current user or group are assumed > > respectively. Only daemons > > started by the root user accepts this argument. > > .IP > > On Linux, daemons will be granted CAP_IPC_LOCK and CAP_NET_BIND_SERVICES > > -before dropping root privileges. Daemons interact with datapath, > > +before dropping root privileges. Daemons that interact with a datapath, > > such as ovs-vswitchd, will be granted two additional capabilities, namely > > CAP_NET_ADMIN and CAP_NET_RAW. The capability change will apply even if > > new user is "root". > > diff --git a/lib/daemon.xml b/lib/daemon.xml > > index d752e99..737ae55 100644 > > --- a/lib/daemon.xml > > +++ b/lib/daemon.xml > > @@ -106,10 +106,11 @@ > > <p> > > On Linux, daemons will be granted <code>CAP_IPC_LOCK</code> and > > <code>CAP_NET_BIND_SERVICES</code> before dropping root privileges. > > - Daemons interact with datapath, such as <code>ovs- > vswitchd</code>, will > > - be granted two additional capabilities, namely > > <code>CAP_NET_ADMIN</code> > > - and <code>CAP_NET_RAW</code>. The capability change will > apply even if > > - the new user is root. > > + Daemons that interact with a datapath, such as > > + <code>ovs-vswitchd</code>, will be granted two additional > > + capabilities, namely <code>CAP_NET_ADMIN</code> and > > + <code>CAP_NET_RAW</code>. The capability change will apply even > > + if the new user is root. > > </p> > > > > <p> > > --
> LGTM > > Acked-by: Ryan Moats <rmo...@us.ibm.com> Well phooey - I thought I had the last in the series in my mailbox, but I can't find it, so please consider the above an Ack for the whole series... Ryan _______________________________________________ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
