[libvirt] [PATCH 2/2] nwfilter: simplify execution of ebiptables scripts
Eric Blake
eblake at redhat.com
Thu Nov 10 00:12:37 UTC 2011
On 11/09/2011 11:39 AM, Stefan Berger wrote:
> On 11/09/2011 12:46 PM, Eric Blake wrote:
>> It's not worth even worrying about a temporary file, unless we
>> ever expect the script to exceed maximum command-line argument
>> length limits.
>>
>> * src/nwfilter/nwfilter_ebiptables_driver.c (ebiptablesExecCLI):
>> Run the commands as an argument to /bin/sh, rather than worrying
>> about a temporary file.
>> (ebiptablesWriteToTempFile): Delete unused function.
>> *status = 0;
> Here I had to insert:
>
> if (!virBufferUse(buf))
> return 0;
>
>> - cmds = virBufferContentAndReset(buf);
>> - VIR_DEBUG("%s", NULLSTR(cmds));
>> - if (!cmds)
>> - return 0;
Ah, I see - the old code declared early success on no commands to run,
while the new code passes an empty buffer to virCommand; and right now,
virCommand has a bug that an empty buffer becomes NULL instead of an
explicit empty argument (patch for that comming up next). But if there
are no commands to run, then we can skip virCommand altogether (/bin/sh
-c '' will always succeed).
> ACK with above nit fixed so it still works.
I've pushed the two patches with that fixed; I decided to keep them
separate for easier reversion of patch 2 if it turns out I was wrong and
we ever hit an E2BIG error due to not having unlimited command line length.
--
Eric Blake eblake at redhat.com +1-801-349-2682
Libvirt virtualization library http://libvirt.org
More information about the libvir-list
mailing list