git.ipfire.org Git - thirdparty/iptables.git/commit

author	Lorenzo Colitti <lorenzo@google.com>
	Tue, 14 Mar 2017 08:55:50 +0000 (17:55 +0900)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Tue, 14 Mar 2017 10:22:51 +0000 (11:22 +0100)
commit	b91af533f4da15854893ba5cc082e1df6bcf9a97
tree	1504ce846a3a7550057b38f2bc5bb26ce8b3f02e	tree \| snapshot
parent	0e94eb2e0e38cb9df0784e5be530358c692701de	commit \| diff

iptables: set the path of the lock file via a configure option.

Currently the iptables lock is hardcoded as "/run/xtables.lock".
Allow users to change this path using the --with-xt-lock-name
option to ./configure option. This is useful on systems like
Android which do not have /run.

Tested on Ubuntu, as follows:

1. By default, the lock is placed in /run/xtables.lock:

$ make distclean-recursive && ./autogen.sh &&
  ./configure --disable-nftables --prefix /tmp/iptables &&
  make -j64 &&
  make install &&
  sudo strace -e open,flock /tmp/iptables/sbin/iptables -L foo
...
open("/run/xtables.lock", O_RDONLY|O_CREAT, 0600) = 3
flock(3, LOCK_EX|LOCK_NB)               = 0
iptables: No chain/target/match by that name.

2. Specifying the lock results in the expected location being
   used:

$ make distclean-recursive && ./autogen.sh && \
  ./configure --disable-nftables --prefix /tmp/iptables \
  --with-xt-lock-name=/tmp/iptables/run/xtables.lock &&
  make -j64 &&
  make install &&
  sudo strace -e open,flock /tmp/iptables/sbin/iptables -L foo
...
open("/tmp/iptables/run/xtables.lock", O_RDONLY|O_CREAT, 0600) = 3
flock(3, LOCK_EX|LOCK_NB)               = 0
iptables: No chain/target/match by that name.

Signed-off-by: Lorenzo Colitti <lorenzo@google.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

configure.ac		diff \| blob \| blame \| history
iptables/xshared.c		diff \| blob \| blame \| history