[PATCH 3/4] doc: give specific instructions for running as non-root

Stephen Hemminger stephen at networkplumber.org
Wed Jun 8 02:03:14 CEST 2022

Previous message (by thread): [PATCH 3/4] doc: give specific instructions for running as non-root
Next message (by thread): [PATCH 4/4] doc: update instructions for running as non-root for MLX5
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 8 Jun 2022 02:49:48 +0300
Dmitry Kozlyuk <dkozlyuk at nvidia.com> wrote:

> The guide to run DPDK applications as non-root in Linux
> did not provide specific instructions to configure the required access
> and did not explain why each bit is needed.
> The latter is important because running as non-root
> is one of the ways to tighten security and grant minimal permissions.
> 
> Cc: stable at dpdk.org
> 
> Signed-off-by: Dmitry Kozlyuk <dkozlyuk at nvidia.com>

If running with multiple containers it is often better to have OS
take care of mounting huge pages.

https://github.com/systemd/systemd/blob/main/units/dev-hugepages.mount

And a good way for managing multiple applications using hugepages
is to mount device with group permissions and add supplementary
group to each container.

Previous message (by thread): [PATCH 3/4] doc: give specific instructions for running as non-root
Next message (by thread): [PATCH 4/4] doc: update instructions for running as non-root for MLX5
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the stable mailing list