mirror of
https://passt.top/passt
synced 2024-12-22 13:45:32 +00:00
treewide: Replace strerror() calls
Now that we have logging functions embedding perror() functionality, we can make _some_ calls more terse by using them. In many places, the strerror() calls are still more convenient because, for example, they are used in flow debugging functions, or because the return code variable of interest is not 'errno'. While at it, convert a few error messages from a scant perror style to proper failure descriptions. Signed-off-by: Stefano Brivio <sbrivio@redhat.com> Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
This commit is contained in:
parent
92a22fef93
commit
dba7f0f5ce
6
conf.c
6
conf.c
@ -461,7 +461,7 @@ static void get_dns(struct ctx *c)
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (line_len < 0)
|
if (line_len < 0)
|
||||||
warn("Error reading /etc/resolv.conf: %s", strerror(errno));
|
warn_perror("Error reading /etc/resolv.conf");
|
||||||
close(fd);
|
close(fd);
|
||||||
|
|
||||||
out:
|
out:
|
||||||
@ -623,6 +623,7 @@ static unsigned int conf_ip4(unsigned int ifi,
|
|||||||
int rc = nl_link_get_mac(nl_sock, ifi, mac);
|
int rc = nl_link_get_mac(nl_sock, ifi, mac);
|
||||||
if (rc < 0) {
|
if (rc < 0) {
|
||||||
char ifname[IFNAMSIZ];
|
char ifname[IFNAMSIZ];
|
||||||
|
|
||||||
err("Couldn't discover MAC address for %s: %s",
|
err("Couldn't discover MAC address for %s: %s",
|
||||||
if_indextoname(ifi, ifname), strerror(-rc));
|
if_indextoname(ifi, ifname), strerror(-rc));
|
||||||
return 0;
|
return 0;
|
||||||
@ -1496,8 +1497,7 @@ void conf(struct ctx *c, int argc, char **argv)
|
|||||||
break;
|
break;
|
||||||
case 'i':
|
case 'i':
|
||||||
if (!(ifi4 = ifi6 = if_nametoindex(optarg)))
|
if (!(ifi4 = ifi6 = if_nametoindex(optarg)))
|
||||||
die("Invalid interface name %s: %s", optarg,
|
die_perror("Invalid interface name %s", optarg);
|
||||||
strerror(errno));
|
|
||||||
break;
|
break;
|
||||||
case 'o':
|
case 'o':
|
||||||
if (inet_pton(AF_INET6, optarg, &c->ip6.addr_out) &&
|
if (inet_pton(AF_INET6, optarg, &c->ip6.addr_out) &&
|
||||||
|
2
fwd.c
2
fwd.c
@ -52,7 +52,7 @@ static void procfs_scan_listen(int fd, unsigned int lstate,
|
|||||||
return;
|
return;
|
||||||
|
|
||||||
if (lseek(fd, 0, SEEK_SET)) {
|
if (lseek(fd, 0, SEEK_SET)) {
|
||||||
warn("lseek() failed on /proc/net file: %s", strerror(errno));
|
warn_perror("lseek() failed on /proc/net file");
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
28
isolation.c
28
isolation.c
@ -105,7 +105,7 @@ static void drop_caps_ep_except(uint64_t keep)
|
|||||||
int i;
|
int i;
|
||||||
|
|
||||||
if (syscall(SYS_capget, &hdr, data))
|
if (syscall(SYS_capget, &hdr, data))
|
||||||
die("Couldn't get current capabilities: %s", strerror(errno));
|
die_perror("Couldn't get current capabilities");
|
||||||
|
|
||||||
for (i = 0; i < CAP_WORDS; i++) {
|
for (i = 0; i < CAP_WORDS; i++) {
|
||||||
uint32_t mask = keep >> (32 * i);
|
uint32_t mask = keep >> (32 * i);
|
||||||
@ -115,7 +115,7 @@ static void drop_caps_ep_except(uint64_t keep)
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (syscall(SYS_capset, &hdr, data))
|
if (syscall(SYS_capset, &hdr, data))
|
||||||
die("Couldn't drop capabilities: %s", strerror(errno));
|
die_perror("Couldn't drop capabilities");
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -152,19 +152,17 @@ static void clamp_caps(void)
|
|||||||
*/
|
*/
|
||||||
if (prctl(PR_CAPBSET_DROP, i, 0, 0, 0) &&
|
if (prctl(PR_CAPBSET_DROP, i, 0, 0, 0) &&
|
||||||
errno != EINVAL && errno != EPERM)
|
errno != EINVAL && errno != EPERM)
|
||||||
die("Couldn't drop cap %i from bounding set: %s",
|
die_perror("Couldn't drop cap %i from bounding set", i);
|
||||||
i, strerror(errno));
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if (syscall(SYS_capget, &hdr, data))
|
if (syscall(SYS_capget, &hdr, data))
|
||||||
die("Couldn't get current capabilities: %s", strerror(errno));
|
die_perror("Couldn't get current capabilities");
|
||||||
|
|
||||||
for (i = 0; i < CAP_WORDS; i++)
|
for (i = 0; i < CAP_WORDS; i++)
|
||||||
data[i].inheritable = 0;
|
data[i].inheritable = 0;
|
||||||
|
|
||||||
if (syscall(SYS_capset, &hdr, data))
|
if (syscall(SYS_capset, &hdr, data))
|
||||||
die("Couldn't drop inheritable capabilities: %s",
|
die_perror("Couldn't drop inheritable capabilities");
|
||||||
strerror(errno));
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -234,34 +232,30 @@ void isolate_user(uid_t uid, gid_t gid, bool use_userns, const char *userns,
|
|||||||
if (setgroups(0, NULL)) {
|
if (setgroups(0, NULL)) {
|
||||||
/* If we don't have CAP_SETGID, this will EPERM */
|
/* If we don't have CAP_SETGID, this will EPERM */
|
||||||
if (errno != EPERM)
|
if (errno != EPERM)
|
||||||
die("Can't drop supplementary groups: %s",
|
die_perror("Can't drop supplementary groups");
|
||||||
strerror(errno));
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if (setgid(gid) != 0)
|
if (setgid(gid) != 0)
|
||||||
die("Can't set GID to %u: %s", gid, strerror(errno));
|
die_perror("Can't set GID to %u", gid);
|
||||||
|
|
||||||
if (setuid(uid) != 0)
|
if (setuid(uid) != 0)
|
||||||
die("Can't set UID to %u: %s", uid, strerror(errno));
|
die_perror("Can't set UID to %u", uid);
|
||||||
|
|
||||||
if (*userns) { /* If given a userns, join it */
|
if (*userns) { /* If given a userns, join it */
|
||||||
int ufd;
|
int ufd;
|
||||||
|
|
||||||
ufd = open(userns, O_RDONLY | O_CLOEXEC);
|
ufd = open(userns, O_RDONLY | O_CLOEXEC);
|
||||||
if (ufd < 0)
|
if (ufd < 0)
|
||||||
die("Couldn't open user namespace %s: %s",
|
die_perror("Couldn't open user namespace %s", userns);
|
||||||
userns, strerror(errno));
|
|
||||||
|
|
||||||
if (setns(ufd, CLONE_NEWUSER) != 0)
|
if (setns(ufd, CLONE_NEWUSER) != 0)
|
||||||
die("Couldn't enter user namespace %s: %s",
|
die_perror("Couldn't enter user namespace %s", userns);
|
||||||
userns, strerror(errno));
|
|
||||||
|
|
||||||
close(ufd);
|
close(ufd);
|
||||||
|
|
||||||
} else if (use_userns) { /* Create and join a new userns */
|
} else if (use_userns) { /* Create and join a new userns */
|
||||||
if (unshare(CLONE_NEWUSER) != 0)
|
if (unshare(CLONE_NEWUSER) != 0)
|
||||||
die("Couldn't create user namespace: %s",
|
die_perror("Couldn't create user namespace");
|
||||||
strerror(errno));
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Joining a new userns gives us full capabilities; drop the
|
/* Joining a new userns gives us full capabilities; drop the
|
||||||
|
2
log.c
2
log.c
@ -212,7 +212,7 @@ void logfile_init(const char *name, const char *path, size_t size)
|
|||||||
log_file = open(path, O_CREAT | O_TRUNC | O_APPEND | O_RDWR | O_CLOEXEC,
|
log_file = open(path, O_CREAT | O_TRUNC | O_APPEND | O_RDWR | O_CLOEXEC,
|
||||||
S_IRUSR | S_IWUSR);
|
S_IRUSR | S_IWUSR);
|
||||||
if (log_file == -1)
|
if (log_file == -1)
|
||||||
die("Couldn't open log file %s: %s", path, strerror(errno));
|
die_perror("Couldn't open log file %s", path);
|
||||||
|
|
||||||
log_size = size ? size : LOGFILE_SIZE_DEFAULT;
|
log_size = size ? size : LOGFILE_SIZE_DEFAULT;
|
||||||
|
|
||||||
|
@ -133,7 +133,7 @@ static uint32_t nl_send(int s, void *req, uint16_t type,
|
|||||||
|
|
||||||
n = send(s, req, len, 0);
|
n = send(s, req, len, 0);
|
||||||
if (n < 0)
|
if (n < 0)
|
||||||
die("netlink: Failed to send(): %s", strerror(errno));
|
die_perror("netlink: Failed to send()");
|
||||||
else if (n < len)
|
else if (n < len)
|
||||||
die("netlink: Short send (%zd of %zd bytes)", n, len);
|
die("netlink: Short send (%zd of %zd bytes)", n, len);
|
||||||
|
|
||||||
@ -189,7 +189,7 @@ static struct nlmsghdr *nl_next(int s, char *buf, struct nlmsghdr *nh, ssize_t *
|
|||||||
|
|
||||||
*n = recv(s, buf, NLBUFSIZ, 0);
|
*n = recv(s, buf, NLBUFSIZ, 0);
|
||||||
if (*n < 0)
|
if (*n < 0)
|
||||||
die("netlink: Failed to recv(): %s", strerror(errno));
|
die_perror("netlink: Failed to recv()");
|
||||||
|
|
||||||
nh = (struct nlmsghdr *)buf;
|
nh = (struct nlmsghdr *)buf;
|
||||||
if (!NLMSG_OK(nh, *n))
|
if (!NLMSG_OK(nh, *n))
|
||||||
|
12
passt.c
12
passt.c
@ -227,15 +227,11 @@ int main(int argc, char **argv)
|
|||||||
__openlog("pasta", 0, LOG_DAEMON);
|
__openlog("pasta", 0, LOG_DAEMON);
|
||||||
|
|
||||||
sa.sa_handler = pasta_child_handler;
|
sa.sa_handler = pasta_child_handler;
|
||||||
if (sigaction(SIGCHLD, &sa, NULL)) {
|
if (sigaction(SIGCHLD, &sa, NULL))
|
||||||
die("Couldn't install signal handlers: %s",
|
die_perror("Couldn't install signal handlers");
|
||||||
strerror(errno));
|
|
||||||
}
|
|
||||||
|
|
||||||
if (signal(SIGPIPE, SIG_IGN) == SIG_ERR) {
|
if (signal(SIGPIPE, SIG_IGN) == SIG_ERR)
|
||||||
die("Couldn't set disposition for SIGPIPE: %s",
|
die_perror("Couldn't set disposition for SIGPIPE");
|
||||||
strerror(errno));
|
|
||||||
}
|
|
||||||
|
|
||||||
c.mode = MODE_PASTA;
|
c.mode = MODE_PASTA;
|
||||||
} else if (strstr(name, "passt")) {
|
} else if (strstr(name, "passt")) {
|
||||||
|
18
pasta.c
18
pasta.c
@ -138,17 +138,15 @@ void pasta_open_ns(struct ctx *c, const char *netns)
|
|||||||
int nfd = -1;
|
int nfd = -1;
|
||||||
|
|
||||||
nfd = open(netns, O_RDONLY | O_CLOEXEC);
|
nfd = open(netns, O_RDONLY | O_CLOEXEC);
|
||||||
if (nfd < 0) {
|
if (nfd < 0)
|
||||||
die("Couldn't open network namespace %s: %s",
|
die_perror("Couldn't open network namespace %s", netns);
|
||||||
netns, strerror(errno));
|
|
||||||
}
|
|
||||||
|
|
||||||
c->pasta_netns_fd = nfd;
|
c->pasta_netns_fd = nfd;
|
||||||
|
|
||||||
NS_CALL(ns_check, c);
|
NS_CALL(ns_check, c);
|
||||||
|
|
||||||
if (c->pasta_netns_fd < 0)
|
if (c->pasta_netns_fd < 0)
|
||||||
die("Couldn't switch to pasta namespaces: %s", strerror(errno));
|
die_perror("Couldn't switch to pasta namespaces");
|
||||||
|
|
||||||
if (!c->no_netns_quit) {
|
if (!c->no_netns_quit) {
|
||||||
char buf[PATH_MAX] = { 0 };
|
char buf[PATH_MAX] = { 0 };
|
||||||
@ -184,7 +182,7 @@ static int pasta_spawn_cmd(void *arg)
|
|||||||
|
|
||||||
/* We run in a detached PID and mount namespace: mount /proc over */
|
/* We run in a detached PID and mount namespace: mount /proc over */
|
||||||
if (mount("", "/proc", "proc", 0, NULL))
|
if (mount("", "/proc", "proc", 0, NULL))
|
||||||
warn("Couldn't mount /proc: %s", strerror(errno));
|
warn_perror("Couldn't mount /proc");
|
||||||
|
|
||||||
if (write_file("/proc/sys/net/ipv4/ping_group_range", "0 0"))
|
if (write_file("/proc/sys/net/ipv4/ping_group_range", "0 0"))
|
||||||
warn("Cannot set ping_group_range, ICMP requests might fail");
|
warn("Cannot set ping_group_range, ICMP requests might fail");
|
||||||
@ -265,7 +263,7 @@ void pasta_start_ns(struct ctx *c, uid_t uid, gid_t gid,
|
|||||||
|
|
||||||
NS_CALL(pasta_wait_for_ns, c);
|
NS_CALL(pasta_wait_for_ns, c);
|
||||||
if (c->pasta_netns_fd < 0)
|
if (c->pasta_netns_fd < 0)
|
||||||
die("Failed to join network namespace: %s", strerror(errno));
|
die_perror("Failed to join network namespace");
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -369,12 +367,12 @@ static int pasta_netns_quit_timer(void)
|
|||||||
struct itimerspec it = { { 1, 0 }, { 1, 0 } }; /* one-second interval */
|
struct itimerspec it = { { 1, 0 }, { 1, 0 } }; /* one-second interval */
|
||||||
|
|
||||||
if (fd == -1) {
|
if (fd == -1) {
|
||||||
err("timerfd_create(): %s", strerror(errno));
|
err_perror("Failed to create timerfd for quit timer");
|
||||||
return -errno;
|
return -errno;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (timerfd_settime(fd, 0, &it, NULL) < 0) {
|
if (timerfd_settime(fd, 0, &it, NULL) < 0) {
|
||||||
err("timerfd_settime(): %s", strerror(errno));
|
err_perror("Failed to set interval for quit timer");
|
||||||
close(fd);
|
close(fd);
|
||||||
return -errno;
|
return -errno;
|
||||||
}
|
}
|
||||||
@ -467,7 +465,7 @@ void pasta_netns_quit_timer_handler(struct ctx *c, union epoll_ref ref)
|
|||||||
|
|
||||||
n = read(ref.fd, &expirations, sizeof(expirations));
|
n = read(ref.fd, &expirations, sizeof(expirations));
|
||||||
if (n < 0)
|
if (n < 0)
|
||||||
die("Namespace watch timer read() error: %s", strerror(errno));
|
die_perror("Namespace watch timer read() error");
|
||||||
if ((size_t)n < sizeof(expirations))
|
if ((size_t)n < sizeof(expirations))
|
||||||
warn("Namespace watch timer: short read(): %zi", n);
|
warn("Namespace watch timer: short read(): %zi", n);
|
||||||
|
|
||||||
|
8
pcap.c
8
pcap.c
@ -89,10 +89,8 @@ static void pcap_frame(const struct iovec *iov, size_t iovcnt,
|
|||||||
struct iovec hiov = { &h, sizeof(h) };
|
struct iovec hiov = { &h, sizeof(h) };
|
||||||
|
|
||||||
if (write_remainder(pcap_fd, &hiov, 1, 0) < 0 ||
|
if (write_remainder(pcap_fd, &hiov, 1, 0) < 0 ||
|
||||||
write_remainder(pcap_fd, iov, iovcnt, offset) < 0) {
|
write_remainder(pcap_fd, iov, iovcnt, offset) < 0)
|
||||||
debug("Cannot log packet, length %zu: %s",
|
debug_perror("Cannot log packet, length %zu", l2len);
|
||||||
l2len, strerror(errno));
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -178,5 +176,5 @@ void pcap_init(struct ctx *c)
|
|||||||
info("Saving packet capture to %s", c->pcap);
|
info("Saving packet capture to %s", c->pcap);
|
||||||
|
|
||||||
if (write(pcap_fd, &pcap_hdr, sizeof(pcap_hdr)) < 0)
|
if (write(pcap_fd, &pcap_hdr, sizeof(pcap_hdr)) < 0)
|
||||||
warn("Cannot write PCAP header: %s", strerror(errno));
|
warn_perror("Cannot write PCAP header");
|
||||||
}
|
}
|
||||||
|
14
tap.c
14
tap.c
@ -325,7 +325,7 @@ static size_t tap_send_frames_pasta(const struct ctx *c,
|
|||||||
size_t framelen = iov_size(iov + i, bufs_per_frame);
|
size_t framelen = iov_size(iov + i, bufs_per_frame);
|
||||||
|
|
||||||
if (rc < 0) {
|
if (rc < 0) {
|
||||||
debug("tap write: %s", strerror(errno));
|
debug_perror("tap write");
|
||||||
|
|
||||||
switch (errno) {
|
switch (errno) {
|
||||||
case EAGAIN:
|
case EAGAIN:
|
||||||
@ -387,7 +387,7 @@ static size_t tap_send_frames_passt(const struct ctx *c,
|
|||||||
size_t rembufs = bufs_per_frame - (i % bufs_per_frame);
|
size_t rembufs = bufs_per_frame - (i % bufs_per_frame);
|
||||||
|
|
||||||
if (write_remainder(c->fd_tap, &iov[i], rembufs, buf_offset) < 0) {
|
if (write_remainder(c->fd_tap, &iov[i], rembufs, buf_offset) < 0) {
|
||||||
err("tap: partial frame send: %s", strerror(errno));
|
err_perror("tap: partial frame send");
|
||||||
return i;
|
return i;
|
||||||
}
|
}
|
||||||
i += rembufs;
|
i += rembufs;
|
||||||
@ -1122,7 +1122,7 @@ int tap_sock_unix_open(char *sock_path)
|
|||||||
int i;
|
int i;
|
||||||
|
|
||||||
if (fd < 0)
|
if (fd < 0)
|
||||||
die("UNIX socket: %s", strerror(errno));
|
die_perror("Failed to open UNIX domain socket");
|
||||||
|
|
||||||
for (i = 1; i < UNIX_SOCK_MAX; i++) {
|
for (i = 1; i < UNIX_SOCK_MAX; i++) {
|
||||||
char *path = addr.sun_path;
|
char *path = addr.sun_path;
|
||||||
@ -1135,7 +1135,7 @@ int tap_sock_unix_open(char *sock_path)
|
|||||||
|
|
||||||
ex = socket(AF_UNIX, SOCK_STREAM | SOCK_NONBLOCK, 0);
|
ex = socket(AF_UNIX, SOCK_STREAM | SOCK_NONBLOCK, 0);
|
||||||
if (ex < 0)
|
if (ex < 0)
|
||||||
die("UNIX domain socket check: %s", strerror(errno));
|
die_perror("Failed to check for UNIX domain conflicts");
|
||||||
|
|
||||||
ret = connect(ex, (const struct sockaddr *)&addr, sizeof(addr));
|
ret = connect(ex, (const struct sockaddr *)&addr, sizeof(addr));
|
||||||
if (!ret || (errno != ENOENT && errno != ECONNREFUSED &&
|
if (!ret || (errno != ENOENT && errno != ECONNREFUSED &&
|
||||||
@ -1155,7 +1155,7 @@ int tap_sock_unix_open(char *sock_path)
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (i == UNIX_SOCK_MAX)
|
if (i == UNIX_SOCK_MAX)
|
||||||
die("UNIX socket bind: %s", strerror(errno));
|
die_perror("Failed to bind UNIX domain socket");
|
||||||
|
|
||||||
info("UNIX domain socket bound at %s", addr.sun_path);
|
info("UNIX domain socket bound at %s", addr.sun_path);
|
||||||
if (!*sock_path)
|
if (!*sock_path)
|
||||||
@ -1261,11 +1261,11 @@ static int tap_ns_tun(void *arg)
|
|||||||
|
|
||||||
fd = open("/dev/net/tun", flags);
|
fd = open("/dev/net/tun", flags);
|
||||||
if (fd < 0)
|
if (fd < 0)
|
||||||
die("Failed to open() /dev/net/tun: %s", strerror(errno));
|
die_perror("Failed to open() /dev/net/tun");
|
||||||
|
|
||||||
rc = ioctl(fd, TUNSETIFF, &ifr);
|
rc = ioctl(fd, TUNSETIFF, &ifr);
|
||||||
if (rc < 0)
|
if (rc < 0)
|
||||||
die("TUNSETIFF failed: %s", strerror(errno));
|
die_perror("TUNSETIFF ioctl on /dev/net/tun failed");
|
||||||
|
|
||||||
if (!(c->pasta_ifi = if_nametoindex(c->pasta_ifn)))
|
if (!(c->pasta_ifi = if_nametoindex(c->pasta_ifn)))
|
||||||
die("Tap device opened but no network interface found");
|
die("Tap device opened but no network interface found");
|
||||||
|
24
tcp.c
24
tcp.c
@ -1553,19 +1553,15 @@ static void tcp_bind_outbound(const struct ctx *c, int s, sa_family_t af)
|
|||||||
.sin_addr = c->ip4.addr_out,
|
.sin_addr = c->ip4.addr_out,
|
||||||
};
|
};
|
||||||
|
|
||||||
if (bind(s, (struct sockaddr *)&addr4, sizeof(addr4))) {
|
if (bind(s, (struct sockaddr *)&addr4, sizeof(addr4)))
|
||||||
debug("Can't bind IPv4 TCP socket address: %s",
|
debug_perror("IPv4 TCP socket address bind");
|
||||||
strerror(errno));
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if (*c->ip4.ifname_out) {
|
if (*c->ip4.ifname_out) {
|
||||||
if (setsockopt(s, SOL_SOCKET, SO_BINDTODEVICE,
|
if (setsockopt(s, SOL_SOCKET, SO_BINDTODEVICE,
|
||||||
c->ip4.ifname_out,
|
c->ip4.ifname_out,
|
||||||
strlen(c->ip4.ifname_out))) {
|
strlen(c->ip4.ifname_out)))
|
||||||
debug("Can't bind IPv4 TCP socket to interface:"
|
debug_perror("IPv4 TCP socket interface bind");
|
||||||
" %s", strerror(errno));
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
} else if (af == AF_INET6) {
|
} else if (af == AF_INET6) {
|
||||||
if (!IN6_IS_ADDR_UNSPECIFIED(&c->ip6.addr_out)) {
|
if (!IN6_IS_ADDR_UNSPECIFIED(&c->ip6.addr_out)) {
|
||||||
@ -1575,19 +1571,15 @@ static void tcp_bind_outbound(const struct ctx *c, int s, sa_family_t af)
|
|||||||
.sin6_addr = c->ip6.addr_out,
|
.sin6_addr = c->ip6.addr_out,
|
||||||
};
|
};
|
||||||
|
|
||||||
if (bind(s, (struct sockaddr *)&addr6, sizeof(addr6))) {
|
if (bind(s, (struct sockaddr *)&addr6, sizeof(addr6)))
|
||||||
debug("Can't bind IPv6 TCP socket address: %s",
|
debug_perror("IPv6 TCP socket address bind");
|
||||||
strerror(errno));
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if (*c->ip6.ifname_out) {
|
if (*c->ip6.ifname_out) {
|
||||||
if (setsockopt(s, SOL_SOCKET, SO_BINDTODEVICE,
|
if (setsockopt(s, SOL_SOCKET, SO_BINDTODEVICE,
|
||||||
c->ip6.ifname_out,
|
c->ip6.ifname_out,
|
||||||
strlen(c->ip6.ifname_out))) {
|
strlen(c->ip6.ifname_out)))
|
||||||
debug("Can't bind IPv6 TCP socket to interface:"
|
debug_perror("IPv6 TCP socket interface bind");
|
||||||
" %s", strerror(errno));
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
12
util.c
12
util.c
@ -315,7 +315,7 @@ void bitmap_or(uint8_t *dst, size_t size, const uint8_t *a, const uint8_t *b)
|
|||||||
void ns_enter(const struct ctx *c)
|
void ns_enter(const struct ctx *c)
|
||||||
{
|
{
|
||||||
if (setns(c->pasta_netns_fd, CLONE_NEWNET))
|
if (setns(c->pasta_netns_fd, CLONE_NEWNET))
|
||||||
die("setns() failed entering netns: %s", strerror(errno));
|
die_perror("setns() failed entering netns");
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -330,10 +330,8 @@ bool ns_is_init(void)
|
|||||||
bool ret = true;
|
bool ret = true;
|
||||||
int fd;
|
int fd;
|
||||||
|
|
||||||
if ((fd = open("/proc/self/uid_map", O_RDONLY | O_CLOEXEC)) < 0) {
|
if ((fd = open("/proc/self/uid_map", O_RDONLY | O_CLOEXEC)) < 0)
|
||||||
die("Can't determine if we're in init namespace: %s",
|
die_perror("Can't determine if we're in init namespace");
|
||||||
strerror(errno));
|
|
||||||
}
|
|
||||||
|
|
||||||
if (read(fd, buf, sizeof(root_uid_map)) != sizeof(root_uid_map) - 1 ||
|
if (read(fd, buf, sizeof(root_uid_map)) != sizeof(root_uid_map) - 1 ||
|
||||||
strncmp(buf, root_uid_map, sizeof(root_uid_map)))
|
strncmp(buf, root_uid_map, sizeof(root_uid_map)))
|
||||||
@ -509,7 +507,7 @@ int write_file(const char *path, const char *buf)
|
|||||||
size_t len = strlen(buf);
|
size_t len = strlen(buf);
|
||||||
|
|
||||||
if (fd < 0) {
|
if (fd < 0) {
|
||||||
warn("Could not open %s: %s", path, strerror(errno));
|
warn_perror("Could not open %s", path);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -517,7 +515,7 @@ int write_file(const char *path, const char *buf)
|
|||||||
ssize_t rc = write(fd, buf, len);
|
ssize_t rc = write(fd, buf, len);
|
||||||
|
|
||||||
if (rc <= 0) {
|
if (rc <= 0) {
|
||||||
warn("Couldn't write to %s: %s", path, strerror(errno));
|
warn_perror("Couldn't write to %s", path);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user