On Mon, Apr 12, 2010 at 11:41:31AM -0400, Stefan Berger wrote:
Daniel Veillard <veillard@redhat.com> wrote on 03/30/2010 10:02:09 AM:
Index: libvirt-acl/configure.ac =================================================================== --- libvirt-acl.orig/configure.ac +++ libvirt-acl/configure.ac @@ -300,6 +300,9 @@ AC_DEFINE_UNQUOTED([BASH_PATH], "$BASH_P AC_PATH_PROG([IPTABLES_PATH], [iptables], /sbin/iptables, [/usr/ sbin:$PATH]) AC_DEFINE_UNQUOTED([IPTABLES_PATH], "$IPTABLES_PATH", [path to iptables binary])
+AC_PATH_PROG([IP6TABLES_PATH], [ip6tables], /sbin/ip6tables, [/ usr/sbin:$PATH]) +AC_DEFINE_UNQUOTED([IP6TABLES_PATH], "$IP6TABLES_PATH", [path to ip6tables binary]) + AC_PATH_PROG([EBTABLES_PATH], [ebtables], /sbin/ebtables, [/usr/ sbin:$PATH]) AC_DEFINE_UNQUOTED([EBTABLES_PATH], "$EBTABLES_PATH", [path to ebtables binary])
The patch looks fine, based on the existing code, but I'm a bit surprized by the fact that while there is a lookup for ip6tables/iptables at configure time, i.e. when it's compiled, there is no check at runtime to verify that the binaries which were detected then are actually available on the target. I think some of this should be relaxed like we do for other commands launched at runtime and somehow we should instead use virFindFileInPath() from util.h to find the location of the preferred ip[6]tables.
I created a patch using this function call now. It's a bit bigger than expected. Should I wait for after the next release?
Yeah, it's a bit late in the process, doesn't affect APIs so no urgency, so let's do that after 0.8.0, that doesn't change the core concepts. Daniel -- Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/ daniel@veillard.com | Rpmfind RPM search engine http://rpmfind.net/ http://veillard.com/ | virtualization library http://libvirt.org/