{"id":815919,"url":"http://patchwork.ozlabs.org/api/patches/815919/?format=json","web_url":"http://patchwork.ozlabs.org/project/openvswitch/patch/20170919220125.32535-27-blp@ovn.org/","project":{"id":47,"url":"http://patchwork.ozlabs.org/api/projects/47/?format=json","name":"Open vSwitch","link_name":"openvswitch","list_id":"ovs-dev.openvswitch.org","list_email":"ovs-dev@openvswitch.org","web_url":"http://openvswitch.org/","scm_url":"git@github.com:openvswitch/ovs.git","webscm_url":"https://github.com/openvswitch/ovs","list_archive_url":"","list_archive_url_format":"","commit_url_format":""},"msgid":"<20170919220125.32535-27-blp@ovn.org>","list_archive_url":null,"date":"2017-09-19T22:00:59","name":"[ovs-dev,RFC,26/52] ovsdb-server: Forbid user-specified databases with reserved names.","commit_ref":null,"pull_url":null,"state":"rfc","archived":false,"hash":"515c7b7a7f09bb9977f5f7ccad4e9358c05279ef","submitter":{"id":67603,"url":"http://patchwork.ozlabs.org/api/people/67603/?format=json","name":"Ben Pfaff","email":"blp@ovn.org"},"delegate":null,"mbox":"http://patchwork.ozlabs.org/project/openvswitch/patch/20170919220125.32535-27-blp@ovn.org/mbox/","series":[{"id":3975,"url":"http://patchwork.ozlabs.org/api/series/3975/?format=json","web_url":"http://patchwork.ozlabs.org/project/openvswitch/list/?series=3975","date":"2017-09-19T22:00:34","name":"clustering implementation","version":1,"mbox":"http://patchwork.ozlabs.org/series/3975/mbox/"}],"comments":"http://patchwork.ozlabs.org/api/patches/815919/comments/","check":"pending","checks":"http://patchwork.ozlabs.org/api/patches/815919/checks/","tags":{},"related":[],"headers":{"Return-Path":"<ovs-dev-bounces@openvswitch.org>","X-Original-To":["incoming@patchwork.ozlabs.org","dev@openvswitch.org"],"Delivered-To":["patchwork-incoming@bilbo.ozlabs.org","ovs-dev@mail.linuxfoundation.org"],"Authentication-Results":"ozlabs.org;\n\tspf=pass (mailfrom) smtp.mailfrom=openvswitch.org\n\t(client-ip=140.211.169.12; helo=mail.linuxfoundation.org;\n\tenvelope-from=ovs-dev-bounces@openvswitch.org;\n\treceiver=<UNKNOWN>)","Received":["from mail.linuxfoundation.org (mail.linuxfoundation.org\n\t[140.211.169.12])\n\t(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256\n\tbits)) (No client certificate requested)\n\tby ozlabs.org (Postfix) with ESMTPS id 3xxd780CM7z9sNV\n\tfor <incoming@patchwork.ozlabs.org>;\n\tWed, 20 Sep 2017 08:37:56 +1000 (AEST)","from mail.linux-foundation.org (localhost [127.0.0.1])\n\tby mail.linuxfoundation.org (Postfix) with ESMTP id 538CCDF8;\n\tTue, 19 Sep 2017 22:26:23 +0000 (UTC)","from smtp1.linuxfoundation.org (smtp1.linux-foundation.org\n\t[172.17.192.35])\n\tby mail.linuxfoundation.org (Postfix) with ESMTPS id C6D27B63\n\tfor <dev@openvswitch.org>; Tue, 19 Sep 2017 22:26:21 +0000 (UTC)","from slow1-d.mail.gandi.net (slow1-d.mail.gandi.net\n\t[217.70.178.86])\n\tby smtp1.linuxfoundation.org (Postfix) with ESMTP id E1CF846A\n\tfor <dev@openvswitch.org>; Tue, 19 Sep 2017 22:26:20 +0000 (UTC)","from relay4-d.mail.gandi.net (relay4-d.mail.gandi.net\n\t[217.70.183.196])\n\tby slow1-d.mail.gandi.net (Postfix) with ESMTP id 3164B534EBA\n\tfor <dev@openvswitch.org>; Wed, 20 Sep 2017 00:02:14 +0200 (CEST)","from sigabrt.benpfaff.org (unknown [208.91.2.3])\n\t(Authenticated sender: blp@ovn.org)\n\tby relay4-d.mail.gandi.net (Postfix) with ESMTPSA id 8C8FC1720A3;\n\tWed, 20 Sep 2017 00:02:12 +0200 (CEST)"],"X-Greylist":"from auto-whitelisted by SQLgrey-1.7.6","X-Originating-IP":"208.91.2.3","From":"Ben Pfaff <blp@ovn.org>","To":"dev@openvswitch.org","Date":"Tue, 19 Sep 2017 15:00:59 -0700","Message-Id":"<20170919220125.32535-27-blp@ovn.org>","X-Mailer":"git-send-email 2.10.2","In-Reply-To":"<20170919220125.32535-1-blp@ovn.org>","References":"<20170919220125.32535-1-blp@ovn.org>","X-Spam-Status":"No, score=-0.7 required=5.0 tests=RCVD_IN_DNSWL_LOW\n\tautolearn=disabled version=3.3.1","X-Spam-Checker-Version":"SpamAssassin 3.3.1 (2010-03-16) on\n\tsmtp1.linux-foundation.org","Cc":"Ben Pfaff <blp@ovn.org>","Subject":"[ovs-dev] [PATCH RFC 26/52] ovsdb-server: Forbid user-specified\n\tdatabases with reserved names.","X-BeenThere":"ovs-dev@openvswitch.org","X-Mailman-Version":"2.1.12","Precedence":"list","List-Id":"<ovs-dev.openvswitch.org>","List-Unsubscribe":"<https://mail.openvswitch.org/mailman/options/ovs-dev>,\n\t<mailto:ovs-dev-request@openvswitch.org?subject=unsubscribe>","List-Archive":"<http://mail.openvswitch.org/pipermail/ovs-dev/>","List-Post":"<mailto:ovs-dev@openvswitch.org>","List-Help":"<mailto:ovs-dev-request@openvswitch.org?subject=help>","List-Subscribe":"<https://mail.openvswitch.org/mailman/listinfo/ovs-dev>,\n\t<mailto:ovs-dev-request@openvswitch.org?subject=subscribe>","MIME-Version":"1.0","Content-Type":"text/plain; charset=\"us-ascii\"","Content-Transfer-Encoding":"7bit","Sender":"ovs-dev-bounces@openvswitch.org","Errors-To":"ovs-dev-bounces@openvswitch.org"},"content":"Names that begin with \"_\" are reserved, but ovsdb-server didn't previously\nenforce this.\n\nSigned-off-by: Ben Pfaff <blp@ovn.org>\n---\n ovsdb/execution.c    | 17 ++++++++++++-----\n ovsdb/ovsdb-client.c | 19 ++++++++++++++-----\n ovsdb/ovsdb-server.c | 51 ++++++++++++++++++++++++++++++++++++++-------------\n 3 files changed, 64 insertions(+), 23 deletions(-)","diff":"diff --git a/ovsdb/execution.c b/ovsdb/execution.c\nindex c6feafd7d552..806d65690fc3 100644\n--- a/ovsdb/execution.c\n+++ b/ovsdb/execution.c\n@@ -173,11 +173,18 @@ ovsdb_execute(struct ovsdb *db, const struct ovsdb_session *session,\n             error = parse_error;\n         }\n         /* Create read-only violation error if there is one. */\n-        if (!error && read_only && !ro) {\n-            error = ovsdb_error(\"not allowed\",\n-                                \"%s operation not allowed when \"\n-                                \"database server is in read only mode\",\n-                                op_name);\n+        if (!ro && !error) {\n+            if (read_only) {\n+                error = ovsdb_error(\"not allowed\",\n+                                    \"%s operation not allowed when \"\n+                                    \"database server is in read only mode\",\n+                                    op_name);\n+            } else if (db->schema->name[0] == '_') {\n+                error = ovsdb_error(\"not allowed\",\n+                                    \"%s operation not allowed on \"\n+                                    \"table in reserved database %s\",\n+                                    op_name, db->schema->name);\n+            }\n         }\n         if (error) {\n             json_destroy(result);\ndiff --git a/ovsdb/ovsdb-client.c b/ovsdb/ovsdb-client.c\nindex 41b9727b12b9..194ff47593f3 100644\n--- a/ovsdb/ovsdb-client.c\n+++ b/ovsdb/ovsdb-client.c\n@@ -131,14 +131,23 @@ main(int argc, char *argv[])\n         if (argc - optind > command->min_args\n             && svec_contains(&dbs, argv[optind])) {\n             database = xstrdup(argv[optind++]);\n-        } else if (dbs.n == 1) {\n-            database = xstrdup(dbs.names[0]);\n         } else if (svec_contains(&dbs, \"Open_vSwitch\")) {\n             database = xstrdup(\"Open_vSwitch\");\n         } else {\n-            jsonrpc_close(rpc);\n-            ovs_fatal(0, \"no default database for `%s' command, please \"\n-                      \"specify a database name\", command->name);\n+            size_t n = 0;\n+            const char *best = NULL;\n+            for (size_t i = 0; i < dbs.n; i++) {\n+                if (dbs.names[i][0] != '_') {\n+                    best = dbs.names[i];\n+                    n++;\n+                }\n+            }\n+            if (n != 1) {\n+                jsonrpc_close(rpc);\n+                ovs_fatal(0, \"no default database for `%s' command, please \"\n+                          \"specify a database name\", command->name);\n+            }\n+            database = xstrdup(best);\n         }\n         svec_destroy(&dbs);\n     } else {\ndiff --git a/ovsdb/ovsdb-server.c b/ovsdb/ovsdb-server.c\nindex eecd84607408..8254fbb8733d 100644\n--- a/ovsdb/ovsdb-server.c\n+++ b/ovsdb/ovsdb-server.c\n@@ -142,7 +142,9 @@ ovsdb_replication_init(const char *sync_from, const char *exclude,\n     struct shash_node *node;\n     SHASH_FOR_EACH (node, all_dbs) {\n         struct db *db = node->data;\n-        replication_add_local_db(node->name, db->db);\n+        if (node->name[0] != '_' && db->db) {\n+            replication_add_local_db(node->name, db->db);\n+        }\n     }\n }\n \n@@ -514,6 +516,9 @@ open_db(struct server_config *config, const char *filename)\n     db_error = ovsdb_file_open(db->filename, false, &db->db, &db->file);\n     if (db_error) {\n         error = ovsdb_error_to_string(db_error);\n+    } else if (db->db->schema->name[0] == '_') {\n+        error = xasprintf(\"%s: names beginning with \\\"_\\\" are reserved\",\n+                          db->db->schema->name);\n     } else if (!ovsdb_jsonrpc_server_add_db(config->jsonrpc, db->db)) {\n         error = xasprintf(\"%s: duplicate database name\", db->db->schema->name);\n     } else {\n@@ -1124,10 +1129,17 @@ ovsdb_server_compact(struct unixctl_conn *conn, int argc,\n     struct shash_node *node;\n     int n = 0;\n \n+    if (argc > 2 && argv[1][0] == '_') {\n+        unixctl_command_reply_error(conn, \"cannot compact built-in databases\");\n+        return;\n+    }\n+\n     ds_init(&reply);\n     SHASH_FOR_EACH(node, all_dbs) {\n         db = node->data;\n-        if (argc < 2 || !strcmp(argv[1], node->name)) {\n+        if (argc < 2\n+            ? node->name[0] != '_'\n+            : !strcmp(argv[1], node->name)) {\n             struct ovsdb_error *error;\n \n             VLOG_INFO(\"compacting %s database by user request\", node->name);\n@@ -1262,21 +1274,12 @@ ovsdb_server_add_database(struct unixctl_conn *conn, int argc OVS_UNUSED,\n }\n \n static void\n-ovsdb_server_remove_database(struct unixctl_conn *conn, int argc OVS_UNUSED,\n-                             const char *argv[], void *config_)\n+remove_db(struct server_config *config, struct shash_node *node)\n {\n-    struct server_config *config = config_;\n-    struct shash_node *node;\n     struct db *db;\n     bool ok;\n \n-    node = shash_find(config->all_dbs, argv[1]);\n-    if (!node)  {\n-        unixctl_command_reply_error(conn, \"Failed to find the database.\");\n-        return;\n-    }\n     db = node->data;\n-\n     ok = ovsdb_jsonrpc_server_remove_db(config->jsonrpc, db->db);\n     ovs_assert(ok);\n \n@@ -1290,6 +1293,26 @@ ovsdb_server_remove_database(struct unixctl_conn *conn, int argc OVS_UNUSED,\n         ovsdb_replication_init(*config->sync_from, *config->sync_exclude,\n                                config->all_dbs, server_uuid);\n     }\n+}\n+\n+static void\n+ovsdb_server_remove_database(struct unixctl_conn *conn, int argc OVS_UNUSED,\n+                             const char *argv[], void *config_)\n+{\n+    struct server_config *config = config_;\n+    struct shash_node *node;\n+\n+    node = shash_find(config->all_dbs, argv[1]);\n+    if (!node)  {\n+        unixctl_command_reply_error(conn, \"Failed to find the database.\");\n+        return;\n+    }\n+    if (node->name[0] == '_') {\n+        unixctl_command_reply_error(conn, \"Cannot remove reserved database.\");\n+        return;\n+    }\n+\n+    remove_db(config, node);\n     unixctl_command_reply(conn, NULL);\n }\n \n@@ -1549,7 +1572,9 @@ save_config(struct server_config *config)\n     sset_init(&db_filenames);\n     SHASH_FOR_EACH (node, config->all_dbs) {\n         struct db *db = node->data;\n-        sset_add(&db_filenames, db->filename);\n+        if (node->name[0] != '_') {\n+            sset_add(&db_filenames, db->filename);\n+        }\n     }\n \n     save_config__(config->config_tmpfile, config->remotes, &db_filenames,\n","prefixes":["ovs-dev","RFC","26/52"]}