mir/criu
2
0
Fork 0
mirror of https://github.com/checkpoint-restore/criu synced 2025-08-22 09:58:09 +00:00
Code Issues Releases Wiki Activity

iptables: use cr_system instead of system

Browse Source 
We are going to detect parasite crashes. For that we are goint to check
all unwaited processes in SIGCHLD handler.

cr_system blocks SIGCHLD and unblocks it after waiting a target process.

Signed-off-by: Andrey Vagin <avagin@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
This commit is contained in:
Andrey Vagin 2013-10-02 19:29:23 +04:00 committed by Pavel Emelyanov
parent 29c3e84234
commit 1009c8bb50
1 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
netfilter.c
View File

@ -32,6 +32,7 @@ static int nf_connection_switch_raw(int family, u32 *src_addr, u16 src_port,
{ {
char sip[INET_ADDR_LEN], dip[INET_ADDR_LEN]; char sip[INET_ADDR_LEN], dip[INET_ADDR_LEN];
char *cmd; char *cmd;
char *argv[4] = { "sh", "-c", buf, NULL };
int ret; int ret;
switch (family) { switch (family) {
@ -58,7 +59,12 @@ static int nf_connection_switch_raw(int family, u32 *src_addr, u16 src_port,
dip, (int)dst_port, sip, (int)src_port); dip, (int)dst_port, sip, (int)src_port);
pr_debug("\tRunning iptables [%s]\n", buf); pr_debug("\tRunning iptables [%s]\n", buf);
ret = system(buf);
/*
* cr_system is used here, because it blocks SIGCHLD before waiting
* a child and the child can't be waited from SIGCHLD handler.
*/
ret = cr_system(-1, -1, -1, "sh", argv);
if (ret < 0 || !WIFEXITED(ret) || WEXITSTATUS(ret)) { if (ret < 0 || !WIFEXITED(ret) || WEXITSTATUS(ret)) {
pr_perror("Iptables configuration failed"); pr_perror("Iptables configuration failed");
return -1; return -1;