From db0cf7963b971ebb393d105a0a29fa7bd926521c Mon Sep 17 00:00:00 2001 From: Dave Barach Date: Tue, 31 May 2016 14:05:46 -0400 Subject: VPP-83 Allow non-privileged clients to use the vpp binary API. Use the command line argument "api-segment { uid gid }" to configure shared memory segment file ownership. Defaults to uid = gid = 0. Shared-memory segments are explicitly set to 0770 mode, aka "rwxrwx---". Change-Id: Ic5d596b68139add61e7de6ace035c57dfd030111 Signed-off-by: Dave Barach --- vpp/api/api.c | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) (limited to 'vpp/api/api.c') diff --git a/vpp/api/api.c b/vpp/api/api.c index 7aa898c6e30..0d27d582bca 100644 --- a/vpp/api/api.c +++ b/vpp/api/api.c @@ -6087,9 +6087,10 @@ vpe_api_init (vlib_main_t *vm) VLIB_INIT_FUNCTION(vpe_api_init); static clib_error_t * -chroot_config (vlib_main_t * vm, unformat_input_t * input) +api_segment_config (vlib_main_t * vm, unformat_input_t * input) { u8 * chroot_path; + int uid, gid; while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT) { @@ -6098,13 +6099,17 @@ chroot_config (vlib_main_t * vm, unformat_input_t * input) vec_add1 (chroot_path, 0); vl_set_memory_root_path ((char *)chroot_path); } + else if (unformat (input, "uid %d", &uid)) + vl_set_memory_uid (uid); + else if (unformat (input, "gid %d", &gid)) + vl_set_memory_gid (gid); else - return clib_error_return (0, "unknown input `%U'", - format_unformat_error, input); + return clib_error_return (0, "unknown input `%U'", + format_unformat_error, input); } return 0; } -VLIB_EARLY_CONFIG_FUNCTION (chroot_config, "chroot"); +VLIB_EARLY_CONFIG_FUNCTION (api_segment_config, "api-segment"); void * get_unformat_vnet_sw_interface (void) { -- cgit 1.2.3-korg