[ovs-dev] [PATCH v2] ovn: Restrict encap modification to its creating chassis

Russell Bryant russell at ovn.org
Thu Jul 27 16:48:49 UTC 2017


On Wed, Jul 26, 2017 at 5:05 PM, Mark Michelson <mmichels at redhat.com> wrote:
> This patch extends RBAC restrictiveness of the encap table in
> the ovn southbound database by only allowing modification by the
> chassis that created the encap.
>
> Signed-off-by: Mark Michelson <mmichels at redhat.com>
> Reported-by: Lance Richardson <lrichard at redhat.com>
> ---
>  ovn/controller/chassis.c  | 1 +
>  ovn/northd/ovn-northd.c   | 2 +-
>  ovn/ovn-sb.ovsschema      | 7 ++++---
>  ovn/ovn-sb.xml            | 3 +++
>  ovn/utilities/ovn-sbctl.c | 1 +
>  5 files changed, 10 insertions(+), 4 deletions(-)
>

This version doesn't seem to build for me:

./ovsdb/ovsdb-idlc.in: syntax
"{"columns":{"chassis-name":{"type":"string"},"ip":{"type":"string"},"options":{"type":{"key":"string","max":"unlimited","min":0,"value":"string"}},"type":{"type":{"key":{"enum":["set",["geneve","stt","vxlan"]],"type":"string"}}}}}":
syntax error: name must be a valid id


More information about the dev mailing list