Re: [PATCH 2/2] nwfilter: simplify execution of ebiptables scripts

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 11/09/2011 11:39 AM, Stefan Berger wrote:
On 11/09/2011 12:46 PM, Eric Blake wrote:
It's not worth even worrying about a temporary file, unless we
ever expect the script to exceed maximum command-line argument
length limits.

* src/nwfilter/nwfilter_ebiptables_driver.c (ebiptablesExecCLI):
Run the commands as an argument to /bin/sh, rather than worrying
about a temporary file.
(ebiptablesWriteToTempFile): Delete unused function.

*status = 0;
Here I had to insert:

if (!virBufferUse(buf))
return 0;

- cmds = virBufferContentAndReset(buf);
- VIR_DEBUG("%s", NULLSTR(cmds));
- if (!cmds)
- return 0;

Ah, I see - the old code declared early success on no commands to run, while the new code passes an empty buffer to virCommand; and right now, virCommand has a bug that an empty buffer becomes NULL instead of an explicit empty argument (patch for that comming up next). But if there are no commands to run, then we can skip virCommand altogether (/bin/sh -c '' will always succeed).

ACK with above nit fixed so it still works.

I've pushed the two patches with that fixed; I decided to keep them separate for easier reversion of patch 2 if it turns out I was wrong and we ever hit an E2BIG error due to not having unlimited command line length.

--
Eric Blake   eblake@xxxxxxxxxx    +1-801-349-2682
Libvirt virtualization library http://libvirt.org

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list


[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]