Daniel Veillard <veillard@redhat.com> wrote on 03/30/2010 10:02:09 AM:
Index: libvirt-acl/configure.ac =================================================================== --- libvirt-acl.orig/configure.ac +++ libvirt-acl/configure.ac @@ -300,6 +300,9 @@ AC_DEFINE_UNQUOTED([BASH_PATH], "$BASH_P AC_PATH_PROG([IPTABLES_PATH], [iptables], /sbin/iptables, [/usr/ sbin:$PATH]) AC_DEFINE_UNQUOTED([IPTABLES_PATH], "$IPTABLES_PATH", [path to iptables binary])
+AC_PATH_PROG([IP6TABLES_PATH], [ip6tables], /sbin/ip6tables, [/ usr/sbin:$PATH]) +AC_DEFINE_UNQUOTED([IP6TABLES_PATH], "$IP6TABLES_PATH", [path to ip6tables binary]) + AC_PATH_PROG([EBTABLES_PATH], [ebtables], /sbin/ebtables, [/usr/ sbin:$PATH]) AC_DEFINE_UNQUOTED([EBTABLES_PATH], "$EBTABLES_PATH", [path to ebtables binary])
The patch looks fine, based on the existing code, but I'm a bit surprized by the fact that while there is a lookup for ip6tables/iptables at configure time, i.e. when it's compiled, there is no check at runtime to verify that the binaries which were detected then are actually available on the target. I think some of this should be relaxed like we do for other commands launched at runtime and somehow we should instead use virFindFileInPath() from util.h to find the location of the preferred ip[6]tables.
I created a patch using this function call now. It's a bit bigger than expected. Should I wait for after the next release? Stefan
ACK,
Daniel
-- Daniel Veillard | libxml Gnome XML XSLT toolkit
daniel@veillard.com | Rpmfind RPM search engine http://rpmfind.net/ http://veillard.com/ | virtualization library http://libvirt.org/