[libvirt] [PATCH] nwfilter: improved logging during driver initialization
Improve the logging during nwfilter driver initialization when testing the command line tools. --- src/nwfilter/nwfilter_ebiptables_driver.c | 41 +++++++++++++++++++++--------- 1 file changed, 29 insertions(+), 12 deletions(-) Index: libvirt-acl/src/nwfilter/nwfilter_ebiptables_driver.c =================================================================== --- libvirt-acl.orig/src/nwfilter/nwfilter_ebiptables_driver.c +++ libvirt-acl/src/nwfilter/nwfilter_ebiptables_driver.c @@ -4036,6 +4036,7 @@ static int ebiptablesDriverInit(bool privileged) { virBuffer buf = VIR_BUFFER_INITIALIZER; + char *errmsg = NULL; if (!privileged) return 0; @@ -4056,8 +4057,14 @@ ebiptablesDriverInit(bool privileged) "%s", CMD_STOPONERR(1)); - if (ebiptablesExecCLI(&buf, NULL, NULL) < 0) - VIR_FREE(ebtables_cmd_path); + if (ebiptablesExecCLI(&buf, NULL, &errmsg) < 0) { + VIR_FREE(ebtables_cmd_path); + VIR_ERROR(_("Testing of ebtables command failed%s%s."), + errmsg ? ": " : "", + errmsg ? errmsg : ""); + } + } else { + VIR_WARN(_("Could not find 'ebtables' executable.")); } iptables_cmd_path = virFindFileInPath("iptables"); @@ -4070,8 +4077,14 @@ ebiptablesDriverInit(bool privileged) "%s", CMD_STOPONERR(1)); - if (ebiptablesExecCLI(&buf, NULL, NULL) < 0) - VIR_FREE(iptables_cmd_path); + if (ebiptablesExecCLI(&buf, NULL, &errmsg) < 0) { + VIR_FREE(iptables_cmd_path); + VIR_ERROR(_("Testing of iptables command failed%s%s."), + errmsg ? ": " : "", + errmsg ? errmsg : ""); + } + } else { + VIR_WARN(_("Could not find 'iptables' executable.")); } ip6tables_cmd_path = virFindFileInPath("ip6tables"); @@ -4084,25 +4097,29 @@ ebiptablesDriverInit(bool privileged) "%s", CMD_STOPONERR(1)); - if (ebiptablesExecCLI(&buf, NULL, NULL) < 0) - VIR_FREE(ip6tables_cmd_path); + if (ebiptablesExecCLI(&buf, NULL, &errmsg) < 0) { + VIR_FREE(ip6tables_cmd_path); + VIR_ERROR(_("Testing of ip6tables command failed%s%s."), + errmsg ? ": " : "", + errmsg ? errmsg : ""); + } + } else { + VIR_WARN(_("Could not find 'ip6tables' executable.")); } /* ip(6)tables support needs gawk & grep, ebtables doesn't */ if ((iptables_cmd_path != NULL || ip6tables_cmd_path != NULL) && (!grep_cmd_path || !gawk_cmd_path)) { - virNWFilterReportError(VIR_ERR_INTERNAL_ERROR, "%s", - _("essential tools to support ip(6)tables " - "firewalls could not be located")); + VIR_ERROR(_("essential tools to support ip(6)tables " + "firewalls could not be located")); VIR_FREE(iptables_cmd_path); VIR_FREE(ip6tables_cmd_path); } + VIR_FREE(errmsg); if (!ebtables_cmd_path && !iptables_cmd_path && !ip6tables_cmd_path) { - virNWFilterReportError(VIR_ERR_INTERNAL_ERROR, "%s", - _("firewall tools were not found or " - "cannot be used")); + VIR_ERROR(_("firewall tools were not found or cannot be used")); ebiptablesDriverShutdown(); return -ENOTSUP; }
On 02/16/2012 01:55 PM, Stefan Berger wrote:
Improve the logging during nwfilter driver initialization when testing the command line tools.
--- src/nwfilter/nwfilter_ebiptables_driver.c | 41 +++++++++++++++++++++--------- 1 file changed, 29 insertions(+), 12 deletions(-)
@@ -4056,8 +4057,14 @@ ebiptablesDriverInit(bool privileged) "%s", CMD_STOPONERR(1));
- if (ebiptablesExecCLI(&buf, NULL, NULL) < 0) - VIR_FREE(ebtables_cmd_path); + if (ebiptablesExecCLI(&buf, NULL, &errmsg) < 0) { + VIR_FREE(ebtables_cmd_path); + VIR_ERROR(_("Testing of ebtables command failed%s%s."),
I'd drop the trailing '.' here and the other two instances (you have no idea if errmsg already has its own trailing '.'. And while we are not a GNU project, the GNU Coding Standards recommend error messages that do not end in a period)
+ errmsg ? ": " : "", + errmsg ? errmsg : ""); + } + } else { + VIR_WARN(_("Could not find 'ebtables' executable.")); }
iptables_cmd_path = virFindFileInPath("iptables"); @@ -4070,8 +4077,14 @@ ebiptablesDriverInit(bool privileged) "%s", CMD_STOPONERR(1));
- if (ebiptablesExecCLI(&buf, NULL, NULL) < 0) - VIR_FREE(iptables_cmd_path); + if (ebiptablesExecCLI(&buf, NULL, &errmsg) < 0) {
I had to check ebiptablesExecCLI to make sure you didn't have a memory leak if two back-to-back calls both populate errmsg (thankfully, you are safe). ACK with the '.' nits fixed. -- Eric Blake eblake@redhat.com +1-919-301-3266 Libvirt virtualization library http://libvirt.org
On 02/16/2012 04:53 PM, Eric Blake wrote:
On 02/16/2012 01:55 PM, Stefan Berger wrote:
Improve the logging during nwfilter driver initialization when testing the command line tools.
--- I had to check ebiptablesExecCLI to make sure you didn't have a memory leak if two back-to-back calls both populate errmsg (thankfully, you are safe).
ACK with the '.' nits fixed.
Fixed and pushed. There was also an issue with 'make syntax-check' that I also fixed. Stefan
participants (2)
-
Eric Blake -
Stefan Berger