Re: [ovs-dev] Read only versions of the *ctl binaries

2016-08-01 Thread Ryan Moats
ha/IBM@IBMUS > > > Cc: Kyle Mestery/Silicon Valley/IBM@IBMUS, "dev@openvswitch.org" > > > <dev@openvswitch.org> > > > Date: 08/01/2016 12:49 PM > > > Subject: Re: [ovs-dev] Read only versions of the *ctl binaries > > > > > > On Mon,

Re: [ovs-dev] Read only versions of the *ctl binaries

2016-08-01 Thread Ben Pfaff
h.org" > > <dev@openvswitch.org> > > Date: 08/01/2016 12:49 PM > > Subject: Re: [ovs-dev] Read only versions of the *ctl binaries > > > > On Mon, Aug 01, 2016 at 12:00:17PM -0500, Ryan Moats wrote: > > > When it comes to ovs-appctl, we're looking to s

Re: [ovs-dev] Read only versions of the *ctl binaries

2016-08-01 Thread Ryan Moats
Ben Pfaff <b...@ovn.org> wrote on 08/01/2016 12:49:16 PM: > From: Ben Pfaff <b...@ovn.org> > To: Ryan Moats/Omaha/IBM@IBMUS > Cc: Kyle Mestery/Silicon Valley/IBM@IBMUS, "dev@openvswitch.org" > <dev@openvswitch.org> > Date: 08/01/2016 12:49 PM

Re: [ovs-dev] Read only versions of the *ctl binaries

2016-08-01 Thread Kyle Mestery
On Mon, Aug 1, 2016 at 12:49 PM, Ben Pfaff wrote: > On Mon, Aug 01, 2016 at 12:00:17PM -0500, Ryan Moats wrote: >> When it comes to ovs-appctl, we're looking to set log level access only. >> Since this doesn't really fit into what I think of when I see "--dry-run", >> I'm wondering

Re: [ovs-dev] Read only versions of the *ctl binaries

2016-08-01 Thread Ben Pfaff
On Mon, Aug 01, 2016 at 12:00:17PM -0500, Ryan Moats wrote: > When it comes to ovs-appctl, we're looking to set log level access only. > Since this doesn't really fit into what I think of when I see "--dry-run", > I'm wondering if this variation of the wrapper concept above > would do the trick: >

Re: [ovs-dev] Read only versions of the *ctl binaries

2016-08-01 Thread Ryan Moats
n Valley/IBM@IBMUS > Date: 08/01/2016 07:51 AM > Subject: Re: [ovs-dev] Read only versions of the *ctl binaries > > On Sun, Jul 31, 2016 at 7:40 PM, Ryan Moats <rmo...@us.ibm.com> wrote: > > Ben Pfaff <b...@ovn.org> wrote on 07/31/2016 11:53:15 AM: > > > >> From

Re: [ovs-dev] Read only versions of the *ctl binaries

2016-08-01 Thread Kyle Mestery
ley/IBM@IBMUS >> Date: 07/31/2016 11:53 AM >> Subject: Re: [ovs-dev] Read only versions of the *ctl binaries >> >> On Sat, Jul 30, 2016 at 09:25:59PM -0500, Ryan Moats wrote: >> > Ben Pfaff <b...@ovn.org> wrote on 07/30/2016 04:06:31 PM: >> > >>

Re: [ovs-dev] Read only versions of the *ctl binaries

2016-07-31 Thread Ryan Moats
Ben Pfaff <b...@ovn.org> wrote on 07/31/2016 11:53:15 AM: > From: Ben Pfaff <b...@ovn.org> > To: Ryan Moats/Omaha/IBM@IBMUS > Cc: dev@openvswitch.org, Kyle Mestery/Silicon Valley/IBM@IBMUS > Date: 07/31/2016 11:53 AM > Subject: Re: [ovs-dev] Read only versions of the *c

Re: [ovs-dev] Read only versions of the *ctl binaries

2016-07-31 Thread Ben Pfaff
ch.org > > Date: 07/30/2016 04:06 PM > > Subject: Re: [ovs-dev] Read only versions of the *ctl binaries > > > > On Sat, Jul 30, 2016 at 02:22:07PM -0500, Ryan Moats wrote: > > > Ben Pfaff <b...@ovn.org> wrote on 07/30/2016 01:38:27 PM: > > > > >

Re: [ovs-dev] Read only versions of the *ctl binaries

2016-07-30 Thread Ryan Moats
Ben Pfaff <b...@ovn.org> wrote on 07/30/2016 04:06:31 PM: > From: Ben Pfaff <b...@ovn.org> > To: Ryan Moats/Omaha/IBM@IBMUS > Cc: Kyle Mestery/Silicon Valley/IBM@IBMUS, dev@openvswitch.org > Date: 07/30/2016 04:06 PM > Subject: Re: [ovs-dev] Read only versions of the *c

Re: [ovs-dev] Read only versions of the *ctl binaries

2016-07-30 Thread Ben Pfaff
> > > > To: Ryan Moats/Omaha/IBM@IBMUS > > > > Cc: dev@openvswitch.org > > > > Date: 07/29/2016 05:27 PM > > > > Subject: Re: [ovs-dev] Read only versions of the *ctl binaries > > > > > > > > On Fri, Jul 29, 2016 at 04:11:00P

Re: [ovs-dev] Read only versions of the *ctl binaries

2016-07-30 Thread Ryan Moats
Ben Pfaff <b...@ovn.org> wrote on 07/30/2016 01:38:27 PM: > From: Ben Pfaff <b...@ovn.org> > To: Ryan Moats/Omaha/IBM@IBMUS > Cc: dev@openvswitch.org > Date: 07/30/2016 01:38 PM > Subject: Re: [ovs-dev] Read only versions of the *ctl binaries > > On Fri, Jul 2

Re: [ovs-dev] Read only versions of the *ctl binaries

2016-07-30 Thread Ben Pfaff
On Fri, Jul 29, 2016 at 05:35:31PM -0500, Ryan Moats wrote: > Ben Pfaff <b...@ovn.org> wrote on 07/29/2016 05:27:29 PM: > > > From: Ben Pfaff <b...@ovn.org> > > To: Ryan Moats/Omaha/IBM@IBMUS > > Cc: dev@openvswitch.org > > Date: 07/29/2016 05:27 PM >

Re: [ovs-dev] Read only versions of the *ctl binaries

2016-07-29 Thread Ryan Moats
Ben Pfaff <b...@ovn.org> wrote on 07/29/2016 05:27:29 PM: > From: Ben Pfaff <b...@ovn.org> > To: Ryan Moats/Omaha/IBM@IBMUS > Cc: dev@openvswitch.org > Date: 07/29/2016 05:27 PM > Subject: Re: [ovs-dev] Read only versions of the *ctl binaries > > On Fri, Jul 2

Re: [ovs-dev] Read only versions of the *ctl binaries

2016-07-29 Thread Ben Pfaff
On Fri, Jul 29, 2016 at 04:11:00PM -0500, Ryan Moats wrote: > > We just received a new operational requirement that we have > to restrict access to all binaries that provide RW access to > infrastructure components, but yet still have the ability to > read current state from the infrastructure. >

[ovs-dev] Read only versions of the *ctl binaries

2016-07-29 Thread Ryan Moats
We just received a new operational requirement that we have to restrict access to all binaries that provide RW access to infrastructure components, but yet still have the ability to read current state from the infrastructure. For OVN/OVS, this means we won't be able to use the following binaries