[ewg] Allowing ib dignostics to be run without being logged in as root.

[Yevgeny Kliteynik]

Hi Woody,

On 31-May-10 2:43 AM, Sasha Khapyorsky wrote:
> Hi Woody,
>
> On 13:51 Tue 25 May     , Woodruff, Robert J wrote:
>>
>> Some people were asking me if it would be possible to
>> allow some of the IB diagnostic tools to be run without
>> requiring being logged in as root. Would there be
>> any problem in changing the installation to set their
>> permissions to setuid root to allow this, i.e.,
>>
>> chmod +s /usr/sbin/ibnetdiscover
>> chmod +s /usr/sbin/ibaddr
>> chmod +s /usr/sbin/smpquery
>> chmod +s /usr/sbin/perfquery
>
> As many others I would also suggest to not make it (at least in default
> installation).
>
> However you can try to run diagnostic tools as non-root user by doing
> follow:
>
> 1. create some dedicated group, let's say 'umad'.
> 2. add dedicated users to be a members of this group
> 3. chown root:umad /dev/infiniband/umad*
> 4. chmod 0660 /dev/infiniband/umad*
> 5. update ib related udev rules file to match above
>
> This is how device access is granted to users normally.

No need to mess with users/groups/owners.

Udev configuration rules are in the following directory:
   /etc/udev/rules.d

Infiniband-related rules are here:
   /etc/udev/rules.d/90-ib.rules

$> cat /etc/udev/rules.d/90-ib.rules
KERNEL=="umad*", NAME="infiniband/%k"
...

You need to allow other users to get access to "umad*" devices.
Don't modify the 90-ib.rules. Instead add a new file, something like
80-ib-umad.rules. The number in the beginning of the file (80) should
be lower than the number in the file with the rule that you want to
override (90):

$> cat /etc/udev/rules.d/80-ib-umad.rules
KERNEL=="umad*", NAME="infiniband/%k", MODE="0666"

Restart the driver and you're done.

-- Yevgeny

> Sasha
> _______________________________________________
> ewg mailing list
> ewg at lists.openfabrics.org
> http://lists.openfabrics.org/cgi-bin/mailman/listinfo/ewg
>