From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from dpdk.org (dpdk.org [92.243.14.124]) by inbox.dpdk.org (Postfix) with ESMTP id 0D78DA00C5; Thu, 30 Apr 2020 18:36:18 +0200 (CEST) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 3E38C1DC25; Thu, 30 Apr 2020 18:36:18 +0200 (CEST) Received: from mga14.intel.com (mga14.intel.com [192.55.52.115]) by dpdk.org (Postfix) with ESMTP id 745721DC24 for ; Thu, 30 Apr 2020 18:36:16 +0200 (CEST) IronPort-SDR: aqvZNo/uc+pmoTJVYtiLhAFHyxvDYDt4JAaMR0Kf9WMMYELK6OIbjEXhbwATz0+46GLYMIUv6k BvPcLg50uJow== X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga005.fm.intel.com ([10.253.24.32]) by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 30 Apr 2020 09:36:15 -0700 IronPort-SDR: 52i0FfEkBBg4I6gT9E4R9bLG5JLX6HcP6flTHwdHK+vpvqeLw/gkZ4k5FVHwnIX/JXpJuNnoqc x5e59HRwF1DA== X-IronPort-AV: E=Sophos;i="5.73,336,1583222400"; d="scan'208";a="459635861" Received: from bricha3-mobl.ger.corp.intel.com ([10.214.197.180]) by fmsmga005-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-SHA; 30 Apr 2020 09:36:12 -0700 Date: Thu, 30 Apr 2020 17:36:07 +0100 From: Bruce Richardson To: Stephen Hemminger Cc: "Burakov, Anatoly" , =?utf-8?B?6ZmI5Lqa6L6JLeS6keadieeglOWPkemDqA==?= , dev@dpdk.org, jiping@yunshan.net, xiangyang@yunshan.net, David Marchand Message-ID: <20200430163607.GA1997@bricha3-MOBL.ger.corp.intel.com> References: <42a59c31-ccd4-f7b2-a1c2-e0ff20921145@intel.com> <20200430090902.0add5a96@hermes.lan> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <20200430090902.0add5a96@hermes.lan> Subject: Re: [dpdk-dev] eal: can not run secondary process on openstack environment X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" On Thu, Apr 30, 2020 at 09:09:02AM -0700, Stephen Hemminger wrote: > On Thu, 30 Apr 2020 10:14:57 +0100 > "Burakov, Anatoly" wrote: > > > On 30-Apr-20 5:14 AM, 陈亚辉-云杉研发部 wrote: > > > Deleting xdg_runtime_dir and fallback, runtime_dir will always be > > > "/var/run" defined by code: > > > static const char *default_runtime_dir = "/var/run" > > > > > > > I'm not sure this is a good solution. Generally, IMO, having separate > > directories for DPDK processes for different users is a good thing. > > Also, XDG directory exists for a reason, and i think on some distros > > /var/run is not even there any more (or symlinked to /run, or...). > > > > So, i don't think this is the way to go. David, thoughts? > > > > The unix-domain sockets should be using the abstract socket > naming which would solve a bunch of problems like removing on program > crash, SELinux, and container namepaces. > > See unix(7) for more infomation. I disagree, I think using sockets on the filesystem is still the way to go. Yes, with abstract sockets they disappear automatically, but on the other hand they have the following issues: * they are non-portable and available only on linux * they can't be protected easily just using the filesystem permissions - any unix sockets we create in the DPDK runtime directory are only accessible by current user and root. For many cases in DPDK, we don't want arbitrary users or programs able to connect to DPDK. /Bruce