[ovs-dev] [PATCH ovn v2 4/9] northd: Add Controller_Event RBAC rules

Frode Nordahl frode.nordahl at canonical.com
Fri Mar 5 12:16:26 UTC 2021


The use of the Controller_Event table does currently not work
when RBAC is enabled.

Fixes: be1eeb09d ("OVN: introduce Controller_Event table")
Signed-off-by: Frode Nordahl <frode.nordahl at canonical.com>
---
 northd/ovn-northd.c | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c
index f85a3dcff..c4a3f2383 100644
--- a/northd/ovn-northd.c
+++ b/northd/ovn-northd.c
@@ -13248,6 +13248,12 @@ static const char *rbac_encap_auth[] =
 static const char *rbac_encap_update[] =
     {"type", "options", "ip"};
 
+static const char *rbac_controller_event_auth[] =
+    {""};
+static const char *rbac_controller_event_update[] =
+    {"chassis", "event_info", "event_type", "seq_num"};
+
+
 static const char *rbac_fdb_auth[] =
     {""};
 static const char *rbac_fdb_update[] =
@@ -13297,6 +13303,14 @@ static struct rbac_perm_cfg {
         .update = rbac_chassis_private_update,
         .n_update = ARRAY_SIZE(rbac_chassis_private_update),
         .row = NULL
+    },{
+        .table = "Controller_Event",
+        .auth = rbac_controller_event_auth,
+        .n_auth = ARRAY_SIZE(rbac_controller_event_auth),
+        .insdel = true,
+        .update = rbac_controller_event_update,
+        .n_update = ARRAY_SIZE(rbac_controller_event_update),
+        .row = NULL
     },{
         .table = "Encap",
         .auth = rbac_encap_auth,
-- 
2.30.0



More information about the dev mailing list