diff options
Diffstat (limited to 'Documentation')
-rw-r--r-- | Documentation/howto/ipsec.rst | 2 | ||||
-rw-r--r-- | Documentation/howto/selinux.rst | 8 | ||||
-rw-r--r-- | Documentation/topics/datapath.rst | 2 | ||||
-rw-r--r-- | Documentation/topics/ovsdb-replication.rst | 9 |
4 files changed, 10 insertions, 11 deletions
diff --git a/Documentation/howto/ipsec.rst b/Documentation/howto/ipsec.rst index 17153ac2b..cd9348420 100644 --- a/Documentation/howto/ipsec.rst +++ b/Documentation/howto/ipsec.rst @@ -162,7 +162,7 @@ undesirable situation. `ipsec_skb_mark`. By setting the ipsec_skb_mark as 0/1, OVS IPsec prevents all unencrypted tunnel packets leaving the host since the default skb_mark value for tunnel packets are 0. This affects all OVS tunnels including those - without IPsec being set up. You can install OpenFlow rules to whitelist + without IPsec being set up. You can install OpenFlow rules to enable those non-IPsec tunnels by setting the skb_mark of the tunnel traffic as non-zero value. diff --git a/Documentation/howto/selinux.rst b/Documentation/howto/selinux.rst index 55c3e39ce..f657d5e51 100644 --- a/Documentation/howto/selinux.rst +++ b/Documentation/howto/selinux.rst @@ -67,8 +67,8 @@ differently than SELinux. SELinux and Open vSwitch are moving targets. What this means is that, if you solely rely on your Linux distribution's SELinux policy, then this policy might not have correctly anticipated that a newer Open vSwitch version needs extra -white list rules. However, if you solely rely on SELinux policy that ships -with Open vSwitch, then Open vSwitch developers might not have correctly +rules to allow behavior. However, if you solely rely on SELinux policy that +ships with Open vSwitch, then Open vSwitch developers might not have correctly anticipated the feature set that your SELinux implementation supports. Installation @@ -136,8 +136,8 @@ Then verify that this module was indeed loaded:: openvswitch 1.1.1 If you still see Permission denied errors, then take a look into -``selinux/openvswitch.te.in`` file in the OVS source tree and try to add white -list rules. This is really simple, just run SELinux audit2allow tool:: +``selinux/openvswitch.te.in`` file in the OVS source tree and try to add allow +rules. This is really simple, just run SELinux audit2allow tool:: $ grep "openvswitch_t" /var/log/audit/audit.log | audit2allow -M ovslocal diff --git a/Documentation/topics/datapath.rst b/Documentation/topics/datapath.rst index 8585c79eb..e6dcfbc19 100644 --- a/Documentation/topics/datapath.rst +++ b/Documentation/topics/datapath.rst @@ -261,5 +261,5 @@ Implement the headers and codes for compatibility with older kernel in function should be prefixed with ``rpl_``. Otherwise, the function should be prefixed with ``ovs_``. For special case when it is not possible to follow this rule (e.g., the ``pskb_expand_head()`` function), the function name must -be added to ``linux/compat/build-aux/export-check-whitelist``, otherwise, the +be added to ``linux/compat/build-aux/export-check-allowlist``, otherwise, the compilation check ``check-export-symbol`` will fail. diff --git a/Documentation/topics/ovsdb-replication.rst b/Documentation/topics/ovsdb-replication.rst index 950dfc9b7..e762f0730 100644 --- a/Documentation/topics/ovsdb-replication.rst +++ b/Documentation/topics/ovsdb-replication.rst @@ -91,7 +91,7 @@ When sending a monitor request the standby server is doing the following: 4. For each database with the same schema in both the active and standby servers: construct and send a monitor request message specifying the tables that will be monitored (i.e all the tables on the database except the ones - blacklisted [*]). + explicitly excluded [*]). 5. Set the standby database to the current state of the active database. @@ -100,10 +100,9 @@ receive notifications of changes occurring to the tables specified in the request. The process of handling this notifications is detailed in the next section. -[*] A set of tables that will be excluded from replication can be configure as -a blacklist of tables via the command line option -``--sync-exclude-tables=db:table[,db:table]...``, where db corresponds to the -database where the table resides. +[*] A set of tables that will be excluded from replication can be configured +via the command line option ``--sync-exclude-tables=db:table[,db:table]...``, +where db corresponds to the database where the table resides. Replication Process ------------------- |