[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [libvirt] [PATCH 2/2] nwfilter: simplify execution of ebiptables scripts



On 11/09/2011 11:39 AM, Stefan Berger wrote:
On 11/09/2011 12:46 PM, Eric Blake wrote:
It's not worth even worrying about a temporary file, unless we
ever expect the script to exceed maximum command-line argument
length limits.

* src/nwfilter/nwfilter_ebiptables_driver.c (ebiptablesExecCLI):
Run the commands as an argument to /bin/sh, rather than worrying
about a temporary file.
(ebiptablesWriteToTempFile): Delete unused function.

*status = 0;
Here I had to insert:

if (!virBufferUse(buf))
return 0;

- cmds = virBufferContentAndReset(buf);
- VIR_DEBUG("%s", NULLSTR(cmds));
- if (!cmds)
- return 0;

Ah, I see - the old code declared early success on no commands to run, while the new code passes an empty buffer to virCommand; and right now, virCommand has a bug that an empty buffer becomes NULL instead of an explicit empty argument (patch for that comming up next). But if there are no commands to run, then we can skip virCommand altogether (/bin/sh -c '' will always succeed).

ACK with above nit fixed so it still works.

I've pushed the two patches with that fixed; I decided to keep them separate for easier reversion of patch 2 if it turns out I was wrong and we ever hit an E2BIG error due to not having unlimited command line length.

--
Eric Blake   eblake redhat com    +1-801-349-2682
Libvirt virtualization library http://libvirt.org


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]