From 0827c6ea4a98d183a1f82e1215ae9b95add10ecd Mon Sep 17 00:00:00 2001 From: Radostin Stoyanov Date: Fri, 23 Sep 2022 15:59:04 +0100 Subject: [PATCH] utils: suppress errors on missing legacy iptables When the legacy iptables backend is not installed, iptables-legacy-save and ip6tables-legacy-save binary files are missing. This results in the following error messages: (00.062021) iptables has nft backend: iptables-save v1.8.8 (nf_tables) Error (criu/util.c:626): execvp("iptables-legacy-save", ...) failed: No such file or directory (00.062793) Error (criu/util.c:641): exited, status=1 (00.062800) Error (criu/util.c:1566): iptables-legacy-save -V failed (00.069758) iptables has nft backend: ip6tables-save v1.8.8 (nf_tables) Error (criu/util.c:626): execvp("ip6tables-legacy-save", ...) failed: No such file or directory (00.070615) Error (criu/util.c:641): exited, status=1 (00.070624) Error (criu/util.c:1566): ip6tables-legacy-save -V failed (00.070632) skipping iptables dump - no legacy version present (00.070635) skipping ip6tables dump - no legacy version present The error messages "No such file or directory" can be be ignored. This patch avoids printing out the unnecessary and confusing error messages. Instead only the following messages will be included in the logs: (00.048281) iptables has nft backend: iptables-save v1.8.7 (nf_tables) (00.048905) iptables-legacy-save -V failed (00.050044) iptables has nft backend: ip6tables-save v1.8.7 (nf_tables) (00.050661) ip6tables-legacy-save -V failed (00.050677) skipping iptables dump - no legacy version present (00.050680) skipping ip6tables dump - no legacy version present Signed-off-by: Radostin Stoyanov --- criu/include/util.h | 3 ++- criu/util.c | 20 ++++++++++++++------ 2 files changed, 16 insertions(+), 7 deletions(-) diff --git a/criu/include/util.h b/criu/include/util.h index 4e29c079ef0..0d18972dd1d 100644 --- a/criu/include/util.h +++ b/criu/include/util.h @@ -162,7 +162,8 @@ extern int is_anon_link_type(char *link, char *type); #define is_hex_digit(c) (((c) >= '0' && (c) <= '9') || ((c) >= 'a' && (c) <= 'f') || ((c) >= 'A' && (c) <= 'F')) -#define CRS_CAN_FAIL 0x1 /* cmd can validly exit with non zero code */ +#define CRS_CAN_FAIL 0x1 /* cmd can validly exit with non zero code */ +#define CRS_CAN_ENOENT 0x2 /* cmd can fail with "No such file or directory" */ extern int cr_system(int in, int out, int err, char *cmd, char *const argv[], unsigned flags); extern int cr_system_userns(int in, int out, int err, char *cmd, char *const argv[], unsigned flags, int userns_pid); diff --git a/criu/util.c b/criu/util.c index 060ca3bd447..e8d7f4db121 100644 --- a/criu/util.c +++ b/criu/util.c @@ -623,9 +623,13 @@ int cr_system_userns(int in, int out, int err, char *cmd, char *const argv[], un execvp(cmd, argv); + if (errno == ENOENT && (flags & CRS_CAN_ENOENT)) { + _exit(ENOENT); + } + /* We can't use pr_error() as log file fd is closed. */ - fprintf(stderr, "Error (%s:%d): " LOG_PREFIX "execvp(\"%s\", ...) failed: %s\n", __FILE__, __LINE__, - cmd, strerror(errno)); + fprintf(stderr, "Error (%s:%d): " LOG_PREFIX "execvp(\"%s\", ...) failed: %s\n", __FILE__, + __LINE__, cmd, strerror(errno)); out_chld: _exit(1); } @@ -638,8 +642,12 @@ int cr_system_userns(int in, int out, int err, char *cmd, char *const argv[], un } if (WIFEXITED(status)) { - if (!(flags & CRS_CAN_FAIL) && WEXITSTATUS(status)) - pr_err("exited, status=%d\n", WEXITSTATUS(status)); + int exit_status = WEXITSTATUS(status); + /* Don't print error message for ENOENT (No such file or directory) + * when CRS_CAN_ENOENT flag has been set. */ + if (exit_status != ENOENT || !(flags & CRS_CAN_ENOENT)) + if (!(flags & CRS_CAN_FAIL) && exit_status) + pr_err("exited, status=%d\n", WEXITSTATUS(status)); break; } else if (WIFSIGNALED(status)) { pr_err("killed by signal %d: %s\n", WTERMSIG(status), strsignal(WTERMSIG(status))); @@ -1562,9 +1570,9 @@ static int is_iptables_nft(char *bin) goto err; } - ret = cr_system(-1, pfd[1], -1, cmd[0], cmd, 0); + ret = cr_system(-1, pfd[1], -1, cmd[0], cmd, CRS_CAN_ENOENT); if (ret) { - pr_err("%s -V failed\n", cmd[0]); + pr_debug("%s -V failed\n", cmd[0]); goto err; }