[CRIU] [PATCH] kerndat: redirect iptables output to /dev/null
Pavel Tikhomirov
ptikhomirov at virtuozzo.com
Fri Sep 2 05:45:42 PDT 2016
fix for commit 68a938ea84f4 ("net/iptables: check iptables command has
wait option")
else each criu log contains iptables output:
(00.020184) Found task size of 7ffffffff000
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
(00.029481) irmap: Searching irmap cache in work dir
Signed-off-by: Pavel Tikhomirov <ptikhomirov at virtuozzo.com>
---
criu/kerndat.c | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/criu/kerndat.c b/criu/kerndat.c
index 8a639fd..1c0986f 100644
--- a/criu/kerndat.c
+++ b/criu/kerndat.c
@@ -441,12 +441,20 @@ int kerndat_loginuid(bool only_dump)
static int kerndat_iptables_has_xtlocks(void)
{
+ int fd;
char *argv[4] = { "sh", "-c", "iptables -w -L", NULL };
+ fd = open("/dev/null", O_RDWR);
+ if (fd < 0) {
+ fd = -1;
+ pr_perror("failed to open /dev/null, using log fd for xtlocks check");
+ }
+
kdat.has_xtlocks = 1;
- if (cr_system(-1, -1, -1, "sh", argv, CRS_CAN_FAIL) == -1)
+ if (cr_system(fd, fd, fd, "sh", argv, CRS_CAN_FAIL) == -1)
kdat.has_xtlocks = 0;
+ close_safe(&fd);
return 0;
}
--
2.5.5
More information about the CRIU
mailing list