
iptables-save: Exit with error if unable to open proc file

Message ID CA+kHd+fMWmomd0ZTWO3nj0iCSOTmXoW-J4S7XNrYq86JznBM0Q@mail.gmail.com
State Changes Requested

Commit Message

Thomas Habets Jan. 18, 2017, 1:23 p.m. UTC
I sent this before without being subscribed, but it doesn't seem to
have reached the archives so now retrying while subscribed.

If you're not root, then iptables-save fails silently: it prints nothing
to stderr and its exit code does not report the failure. This patch fixes that.
--


Author: Thomas Habets <habets@google.com>
Date:   Tue Jan 17 14:22:25 2017 +0000

    iptables-save: Exit with error if unable to open proc file

        while (fgets(tablename, sizeof(tablename), procfile)) {
                if (tablename[strlen(tablename) - 1] != '\n')

Comments

Florian Westphal Jan. 18, 2017, 1:32 p.m. UTC | #1
Thomas Habets <thomas@habets.se> wrote:
> I sent this before without being subscribed, but it doesn't seem to
> have reached the archives so now retrying while subscribed.

Weird, it's an open list (no subscription required).

> If you're not root, then iptables-save silently fails (both to stderr
> and exit code). This patch fixes that.

Thanks, patch looks good but

> --- a/iptables/ip6tables-save.c
> +++ b/iptables/ip6tables-save.c
> @@ -35,10 +35,16 @@ static int for_each_table(int (*func)(const char
> *tablename))
>         int ret = 1;
>         FILE *procfile = NULL;
>         char tablename[XT_TABLE_MAXNAMELEN+1];
> +       const char *filename = "/proc/net/ip6_tables_names";

static const char filename[] = "

> -       procfile = fopen("/proc/net/ip6_tables_names", "re");
> -       if (!procfile)
> -               return ret;
> +       procfile = fopen(filename, "re");
> +       if (!procfile) {
> +               if (errno == ENOENT) {
> +                       return ret;
> +               }

iptables uses kernel coding style, so

	if (errno == ENOENT)
		return ret;

(no { } )

> +               fprintf(stderr, "Failed to list table names in %s:
> %s\n", filename, strerror(errno));
> +               exit(1);

Looks like your mua mangled the patch and broke long lines.
Can you send with git-send-email?

Otherwise see Documentation/email-clients.txt
in the linux kernel sources.

Patch

diff --git a/iptables/ip6tables-save.c b/iptables/ip6tables-save.c
index f35e921..5097406 100644
--- a/iptables/ip6tables-save.c
+++ b/iptables/ip6tables-save.c
@@ -35,10 +35,16 @@  static int for_each_table(int (*func)(const char
*tablename))
        int ret = 1;
        FILE *procfile = NULL;
        char tablename[XT_TABLE_MAXNAMELEN+1];
+       const char *filename = "/proc/net/ip6_tables_names";

-       procfile = fopen("/proc/net/ip6_tables_names", "re");
-       if (!procfile)
-               return ret;
+       procfile = fopen(filename, "re");
+       if (!procfile) {
+               if (errno == ENOENT) {
+                       return ret;
+               }
+               fprintf(stderr, "Failed to list table names in %s:
%s\n", filename, strerror(errno));
+               exit(1);
+       }

        while (fgets(tablename, sizeof(tablename), procfile)) {
                if (tablename[strlen(tablename) - 1] != '\n')
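Review bot: The two ways out of the new `if (!procfile)` block use the same literal with what look like opposite meanings: the ENOENT branch returns `ret`, which is still 1 at that point, while every other errno ends in `exit(1)`. I would write `exit(EXIT_FAILURE);` and add a comment on the ENOENT branch, for example `/* names file absent: presumably no tables are registered, nothing to save */`, so a reader can see why that one error stays quiet. This matters to anyone capturing the output as a ruleset backup, since an empty dump from that path is indistinguishable from a real empty ruleset. The patch adds no `#include`, so please confirm `<errno.h>` is already in scope for `errno` and `ENOENT`. The same points apply to the matching hunk in iptables/iptables-save.c, and for_each_table's body continues past the end of this hunk.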
diff --git a/iptables/iptables-save.c b/iptables/iptables-save.c
index 238f368..47d5378 100644
--- a/iptables/iptables-save.c
+++ b/iptables/iptables-save.c
@@ -33,10 +33,16 @@  static int for_each_table(int (*func)(const char
*tablename))
        int ret = 1;
        FILE *procfile = NULL;
        char tablename[XT_TABLE_MAXNAMELEN+1];
+       const char *filename = "/proc/net/ip_tables_names";

-       procfile = fopen("/proc/net/ip_tables_names", "re");
-       if (!procfile)
-               return ret;
+       procfile = fopen(filename, "re");
+       if (!procfile) {
+               if (errno == ENOENT) {
+                       return ret;
+               }
+               fprintf(stderr, "Failed to list table names in %s:
%s\n", filename, strerror(errno));
+               exit(1);
+       }