----- Original Message -----
> From: "Lance Richardson" <[email protected]>
>
> +struct ovsdb_error *ovsdb_perm_error(const char *details, ...)
> +{
> + struct ovsdb_error *error;
> + va_list args;
> +
> + va_start(args, details);
> + error = ovsdb_error_valist("permission error", details, args);
> + va_end(args);
> +
> + return error;
> +}
> +
> +
I had been assuming that these errors would be logged by the client, but
this doesn't seem to be the case (other than in ovsdb-client, anyway).
At the moment, there are no logs produced when a transaction by ovn-controller
is denied due to RBAC checks. I'm wondering if this is something that should
be done by the idl/jsonrpc infrastructure or informational logs in ovsdb-server.
Ideally (I think) the client should be logging these, but it's not clear whether
there's any way currently for e.g. the ovn-controller idl loop to report
transaction errors.
Any suggestions for how to handle reporting RBAC failures or pointers to
existing examples where transaction failures are reported would be appreciated.
Thanks,
Lance
_______________________________________________
dev mailing list
[email protected]
https://mail.openvswitch.org/mailman/listinfo/ovs-dev
