mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2025-01-11 23:37:42 +00:00
Avoid warnings from nwfilter driver when run non-root
When run non-root the nwfilter driver logs error messages about being unable to find iptables/ebtables commands (they are in /sbin which isn't in $PATH). The nwfilter driver can't ever work as non-root, so simply skip it entirely thus avoiding the error messages * src/conf/nwfilter_conf.h, src/nwfilter/nwfilter_driver.c, src/nwfilter/nwfilter_gentech_driver.c, src/nwfilter/nwfilter_gentech_driver.h: Pass 'bool privileged' flag down to final driver impl * src/nwfilter/nwfilter_ebiptables_driver.c: Skip initialization if not privileged
This commit is contained in:
parent
10713b1b98
commit
525434dd60
@ -502,7 +502,7 @@ struct domUpdateCBStruct {
|
||||
};
|
||||
|
||||
|
||||
typedef int (*virNWFilterTechDrvInit)(void);
|
||||
typedef int (*virNWFilterTechDrvInit)(bool privileged);
|
||||
typedef void (*virNWFilterTechDrvShutdown)(void);
|
||||
|
||||
enum virDomainNetType;
|
||||
|
@ -69,7 +69,7 @@ nwfilterDriverStartup(int privileged) {
|
||||
if (virNWFilterLearnInit() < 0)
|
||||
return -1;
|
||||
|
||||
virNWFilterTechDriversInit();
|
||||
virNWFilterTechDriversInit(privileged);
|
||||
|
||||
if (virNWFilterConfLayerInit(virNWFilterDomainFWUpdateCB) < 0)
|
||||
goto conf_init_err;
|
||||
|
@ -114,7 +114,7 @@ static const char *m_physdev_out_str = "-m physdev " PHYSDEV_OUT;
|
||||
#define COMMENT_VARNAME "comment"
|
||||
|
||||
static int ebtablesRemoveBasicRules(const char *ifname);
|
||||
static int ebiptablesDriverInit(void);
|
||||
static int ebiptablesDriverInit(bool privileged);
|
||||
static void ebiptablesDriverShutdown(void);
|
||||
static int ebtablesCleanAll(const char *ifname);
|
||||
static int ebiptablesAllTeardown(const char *ifname);
|
||||
@ -3653,11 +3653,14 @@ virNWFilterTechDriver ebiptables_driver = {
|
||||
|
||||
|
||||
static int
|
||||
ebiptablesDriverInit(void)
|
||||
ebiptablesDriverInit(bool privileged)
|
||||
{
|
||||
virBuffer buf = VIR_BUFFER_INITIALIZER;
|
||||
int cli_status;
|
||||
|
||||
if (!privileged)
|
||||
return 0;
|
||||
|
||||
if (virMutexInit(&execCLIMutex))
|
||||
return EINVAL;
|
||||
|
||||
@ -3730,7 +3733,7 @@ ebiptablesDriverInit(void)
|
||||
|
||||
|
||||
static void
|
||||
ebiptablesDriverShutdown()
|
||||
ebiptablesDriverShutdown(void)
|
||||
{
|
||||
VIR_FREE(gawk_cmd_path);
|
||||
VIR_FREE(grep_cmd_path);
|
||||
|
@ -50,17 +50,17 @@ static virNWFilterTechDriverPtr filter_tech_drivers[] = {
|
||||
};
|
||||
|
||||
|
||||
void virNWFilterTechDriversInit() {
|
||||
void virNWFilterTechDriversInit(bool privileged) {
|
||||
int i = 0;
|
||||
while (filter_tech_drivers[i]) {
|
||||
if (!(filter_tech_drivers[i]->flags & TECHDRV_FLAG_INITIALIZED))
|
||||
filter_tech_drivers[i]->init();
|
||||
filter_tech_drivers[i]->init(privileged);
|
||||
i++;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
void virNWFilterTechDriversShutdown() {
|
||||
void virNWFilterTechDriversShutdown(void) {
|
||||
int i = 0;
|
||||
while (filter_tech_drivers[i]) {
|
||||
if ((filter_tech_drivers[i]->flags & TECHDRV_FLAG_INITIALIZED))
|
||||
|
@ -28,7 +28,7 @@ virNWFilterTechDriverPtr virNWFilterTechDriverForName(const char *name);
|
||||
int virNWFilterRuleInstAddData(virNWFilterRuleInstPtr res,
|
||||
void *data);
|
||||
|
||||
void virNWFilterTechDriversInit(void);
|
||||
void virNWFilterTechDriversInit(bool privileged);
|
||||
void virNWFilterTechDriversShutdown(void);
|
||||
|
||||
enum instCase {
|
||||
|
Loading…
x
Reference in New Issue
Block a user