On Mon, Aug 01, 2016 at 01:14:31PM -0500, Ryan Moats wrote: > Ben Pfaff <b...@ovn.org> wrote on 08/01/2016 12:49:16 PM: > > > From: Ben Pfaff <b...@ovn.org> > > To: Ryan Moats/Omaha/IBM@IBMUS > > Cc: Kyle Mestery/Silicon Valley/IBM@IBMUS, "dev@openvswitch.org" > > <dev@openvswitch.org> > > Date: 08/01/2016 12:49 PM > > Subject: Re: [ovs-dev] Read only versions of the *ctl binaries > > > > On Mon, Aug 01, 2016 at 12:00:17PM -0500, Ryan Moats wrote: > > > When it comes to ovs-appctl, we're looking to set log level access > only. > > > Since this doesn't really fit into what I think of when I see > "--dry-run", > > > I'm wondering if this variation of the wrapper concept above > > > would do the trick: > > > > > > #! /bin/sh > > > # <code to limit $1 to proper targets> > > > # <code to limit $2 to proper log levels> > > > exec /real/path/to/ovs-appctl vlog/set "$1:$2" > > > > Makes sense to me. > > > > I've also been pondering the difference between --dry-run, which allows > > but essentially ignores any command that writes, and some new option we > > might invent like --read-only, which would reject with an error any > > command that writes. --dry-run might be surprising given that it would > > accept silently any command that modifies state. > > > > Ack - that was my original idea, but I admit that it gets more intrusive. > Because of the silent accept, I'm writing the gamut of smoke tests > to make sure that the calling write commands with dry-run doesn't > actually *do* anything.
That would be a surprise because --dry-run disables all writes at the IDL layer itself in a really basic way, see ovsdb_idl_txn_commit(). _______________________________________________ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
