[Devel] [PATCH rh7] ve/kmod/ebtable: allow to autoload ebtable_* modules from inside a CT
Kirill Tkhai
ktkhai at virtuozzo.com
Thu May 18 04:25:34 PDT 2017
On 18.05.2017 14:23, Konstantin Khorenko wrote:
> Currently we allow to autoload ebt_* modules upon request from inside a Container but there are several ebtables_* modules to be allowed as well, thus allow all ebt* modules for that.
>
> (Default CentOS7.3 firewalld service inside a CT complains on that)
>
> https://jira.sw.ru/browse/PSBM-66435
>
> Signed-off-by: Konstantin Khorenko <khorenko at virtuozzo.com>
Acked-by: Kirill Tkhai <ktkhai at virtuozzo.com>
> ---
> kernel/kmod.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/kernel/kmod.c b/kernel/kmod.c
> index 16b64ca..bb7671b 100644
> --- a/kernel/kmod.c
> +++ b/kernel/kmod.c
> @@ -365,8 +365,8 @@ static inline int module_payload_iptable_allowed(const char *module)
> if (!strncmp("arpt_", module, 5))
> return 1;
>
> - /* The rest of ebt_* modules */
> - if (!strncmp("ebt_", module, 4))
> + /* The rest of ebt* modules */
> + if (!strncmp("ebt", module, 3))
> return 1;
>
> /* The rest of nft- modules */
>
More information about the Devel
mailing list