diff options
| author |   Dave Barach <dave@barachs.net> | 2016-05-31 14:05:46 -0400 |
|---|---|---|
| committer |   Keith Burns <alagalah@gmail.com> | 2016-06-01 19:21:58 +0000 |
| commit | db0cf7963b971ebb393d105a0a29fa7bd926521c (patch) | |
| tree | 054988a44b4a68ad0e1b4470dfc566dc3e6dfd8a /vpp/api/api.c | |
| parent | 8d9e80583fbb8ffb30e63153ef5b2b21c6b336fa (diff) | |
VPP-83 Allow non-privileged clients to use the vpp binary API.
Use the command line argument "api-segment { uid <nnn> gid <nnn> }" to
configure shared memory segment file ownership. Defaults to uid = gid
= 0. Shared-memory segments are explicitly set to 0770 mode, aka
"rwxrwx---".
Change-Id: Ic5d596b68139add61e7de6ace035c57dfd030111
Signed-off-by: Dave Barach <dave@barachs.net>
Diffstat (limited to 'vpp/api/api.c')
| -rw-r--r-- | vpp/api/api.c | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/vpp/api/api.c b/vpp/api/api.c index 7aa898c6e30..0d27d582bca 100644 --- a/vpp/api/api.c +++ b/vpp/api/api.c @@ -6087,9 +6087,10 @@ vpe_api_init (vlib_main_t *vm) VLIB_INIT_FUNCTION(vpe_api_init); static clib_error_t * -chroot_config (vlib_main_t * vm, unformat_input_t * input) +api_segment_config (vlib_main_t * vm, unformat_input_t * input) { u8 * chroot_path; + int uid, gid; while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT) { @@ -6098,13 +6099,17 @@ chroot_config (vlib_main_t * vm, unformat_input_t * input) vec_add1 (chroot_path, 0); vl_set_memory_root_path ((char *)chroot_path); } + else if (unformat (input, "uid %d", &uid)) + vl_set_memory_uid (uid); + else if (unformat (input, "gid %d", &gid)) + vl_set_memory_gid (gid); else - return clib_error_return (0, "unknown input `%U'", - format_unformat_error, input); + return clib_error_return (0, "unknown input `%U'", + format_unformat_error, input); } return 0; } -VLIB_EARLY_CONFIG_FUNCTION (chroot_config, "chroot"); +VLIB_EARLY_CONFIG_FUNCTION (api_segment_config, "api-segment"); void * get_unformat_vnet_sw_interface (void) { |