Ben Pfaff <b...@ovn.org> wrote on 08/01/2016 03:05:20 PM: > From: Ben Pfaff <b...@ovn.org> > To: Ryan Moats/Omaha/IBM@IBMUS > Cc: "dev@openvswitch.org" <dev@openvswitch.org>, Kyle Mestery/ > Silicon Valley/IBM@IBMUS > Date: 08/01/2016 03:05 PM > Subject: Re: [ovs-dev] Read only versions of the *ctl binaries > > On Mon, Aug 01, 2016 at 01:14:31PM -0500, Ryan Moats wrote: > > Ben Pfaff <b...@ovn.org> wrote on 08/01/2016 12:49:16 PM: > > > > > From: Ben Pfaff <b...@ovn.org> > > > To: Ryan Moats/Omaha/IBM@IBMUS > > > Cc: Kyle Mestery/Silicon Valley/IBM@IBMUS, "dev@openvswitch.org" > > > <dev@openvswitch.org> > > > Date: 08/01/2016 12:49 PM > > > Subject: Re: [ovs-dev] Read only versions of the *ctl binaries > > > > > > On Mon, Aug 01, 2016 at 12:00:17PM -0500, Ryan Moats wrote: > > > > When it comes to ovs-appctl, we're looking to set log level access > > only. > > > > Since this doesn't really fit into what I think of when I see > > "--dry-run", > > > > I'm wondering if this variation of the wrapper concept above > > > > would do the trick: > > > > > > > > #! /bin/sh > > > > # <code to limit $1 to proper targets> > > > > # <code to limit $2 to proper log levels> > > > > exec /real/path/to/ovs-appctl vlog/set "$1:$2" > > > > > > Makes sense to me. > > > > > > I've also been pondering the difference between --dry-run, which allows > > > but essentially ignores any command that writes, and some new option we > > > might invent like --read-only, which would reject with an error any > > > command that writes. --dry-run might be surprising given that it would > > > accept silently any command that modifies state. > > > > > > > Ack - that was my original idea, but I admit that it gets more intrusive. > > Because of the silent accept, I'm writing the gamut of smoke tests > > to make sure that the calling write commands with dry-run doesn't > > actually *do* anything. > > That would be a surprise because --dry-run disables all writes at the > IDL layer itself in a really basic way, see ovsdb_idl_txn_commit(). >
Understood that I'm being paranoid - and besides, if we change our mind and go with --read-only, the tests will morph to checking for the proper error codes, so having them doesn't hurt anything. _______________________________________________ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
