mir/criu
2
0
Fork 0
mirror of https://github.com/checkpoint-restore/criu synced 2025-08-30 22:05:36 +00:00
Code Issues Releases Wiki Activity

net: handle a case when --empty net is set only for criu dump

Browse Source 
The origin idea was to set --empty net for criu dump and criu restore,
but before cde33dcb06 ("empty-ns: Don't C/R iptables too (v2)"),
criu restore worked without --empty net and we didn't notice that
docker doesn't set this option on restore.

After a small brainstorm, we decided that it is better to remove
this requirement. Docker has to set this option, but with this changes,
the docker issue will be less urgent.

https://github.com/checkpoint-restore/criu/issues/393
This commit is contained in:
Andrei Vagin
2017-10-05 20:44:44 +03:00
parent 91bc6e072a
commit 832dfed777
1 changed files with 9 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
criu/net.c
View File

@@ -1541,13 +1541,18 @@ static inline int restore_iptables(int pid)
struct cr_img *img;
img = open_image(CR_FD_IPTABLES, O_RSTR, pid);
if (img) {
ret = run_iptables_tool("iptables-restore", img_raw_fd(img), -1);
close_image(img);
if (img == NULL)
return -1;
if (empty_image(img)) {
ret = 0;
goto ipt6;
}
ret = run_iptables_tool("iptables-restore", img_raw_fd(img), -1);
close_image(img);
if (ret)
return ret;
ipt6:
img = open_image(CR_FD_IP6TABLES, O_RSTR, pid);
if (img == NULL)
return -1;