Hi Ales, On 10/30/25 3:09 PM, Ales Musil wrote: > On Thu, Oct 30, 2025 at 10:37 AM Ales Musil <[email protected]> wrote: > >> When RBAC was enabled ovn-controller wasn't able to create any >> Learned_Route rows due to missing RBAC configuration. Add the >> configuration to allow ovn-controller insertion and update inside >> Learned_Route table. >> >> Fixes: 866a5014ae45 ("controller: Support learning routes.") >> Acked-by: Dumitru Ceara <[email protected]> >> > > Ah the ack slipped through, sorry Dumitru. I don't count it > as it wasn't ever officially acked by you. >
Now it is. :) Acked-by: Dumitru Ceara <[email protected]> Regards, Dumitru > >> Signed-off-by: Ales Musil <[email protected]> >> --- >> v2: Add external_ids into allowed columns. >> --- >> northd/ovn-northd.c | 13 +++++++++++++ >> 1 file changed, 13 insertions(+) >> >> diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c >> index c9d88dd22..b196b2d60 100644 >> --- a/northd/ovn-northd.c >> +++ b/northd/ovn-northd.c >> @@ -128,6 +128,11 @@ static const char *rbac_bfd_auth[] = >> static const char *rbac_bfd_update[] = >> {"status"}; >> >> +static const char *rbac_learned_route_auth[] = >> + {""}; >> +static const char *rbac_learned_route_update[] = >> + {"datapath", "logical_port", "ip_prefix", "nexthop", "external_ids"}; >> + >> static struct rbac_perm_cfg { >> const char *table; >> const char **auth; >> @@ -217,6 +222,14 @@ static struct rbac_perm_cfg { >> .update = rbac_bfd_update, >> .n_update = ARRAY_SIZE(rbac_bfd_update), >> .row = NULL >> + },{ >> + .table = "Learned_Route", >> + .auth = rbac_learned_route_auth, >> + .n_auth = ARRAY_SIZE(rbac_learned_route_auth), >> + .insdel = true, >> + .update = rbac_learned_route_update, >> + .n_update = ARRAY_SIZE(rbac_learned_route_update), >> + .row = NULL >> },{ >> .table = NULL, >> .auth = NULL, >> -- >> 2.51.0 >> >> > _______________________________________________ dev mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-dev
