mir/criu
2
0
Fork 0
mirror of https://github.com/checkpoint-restore/criu synced 2025-08-22 01:51:51 +00:00
Code Issues Releases Wiki Activity

criu: fix a fatal failure if nft doesn't work

Browse Source 
On some systems, nft binary might not be installed, or some kernel
options might be unconfigured, resulting in something like this:

	sudo unshare -n nft create table inet CRIU
	Error: Could not process rule: Operation not supported
	create table inet CRIU
	^^^^^^^^^^^^^^^^^^^^^^^

This is similar to what kerndat_has_nftables_concat() does, and if the
outcome is the same, it returns an error to kerndat_init(), and an error
from kerndat_init() is considered fatal.

Let's relax the check, returning mere "feature not working" instead of
a fatal error.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
This commit is contained in:
Kir Kolyshkin 2024-05-09 16:16:50 -07:00 committed by Andrei Vagin
parent df178c7e53
commit 13854a988c
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
criu/kerndat.c
View File

@ -1602,7 +1602,9 @@ static int __has_nftables_concat(void *arg)
return 1;
if (NFT_RUN_CMD(nft, "create table inet CRIU")) {
pr_err("Can't create nftables table\n");
pr_warn("Can't create nftables table\n");
*has = false; /* kdat.has_nftables_concat = false */
ret = 0;
goto nft_ctx_free_out;
}