utils: suppress errors on missing legacy iptables

When the legacy iptables backend is not installed, iptables-legacy-save and ip6tables-legacy-save binaries are missing. This results in the following error messages: (00.062021) iptables has nft backend: iptables-save v1.8.8 (nf_tables) Error (criu/util.c:626): execvp("iptables-legacy-save", ...) failed: No such file or directory (00.062793) Error (criu/util.c:641): exited, status=1 (00.062800) Error (criu/util.c:1566): iptables-legacy-save -V failed (00.069758) iptables has nft backend: ip6tables-save v1.8.8 (nf_tables) Error (criu/util.c:626): execvp("ip6tables-legacy-save", ...) failed: No such file or directory (00.070615) Error (criu/util.c:641): exited, status=1 (00.070624) Error (criu/util.c:1566): ip6tables-legacy-save -V failed (00.070632) skipping iptables dump - no legacy version present (00.070635) skipping ip6tables dump - no legacy version present However, these messages should not be errors, and can be be ignored. With the changes in this patch, the following messages will be included in the logs instead. (00.048281) iptables has nft backend: iptables-save v1.8.7 (nf_tables) (00.048905) iptables-legacy-save -V failed (00.050044) iptables has nft backend: ip6tables-save v1.8.7 (nf_tables) (00.050661) ip6tables-legacy-save -V failed (00.050677) skipping iptables dump - no legacy version present (00.050680) skipping ip6tables dump - no legacy version present Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
checkpoint-restore · Sep 23, 2022 · dd1ca2c · dd1ca2c
1 parent 58257cb
commit dd1ca2c
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 7 deletions.
diff --git a/criu/include/util.h b/criu/include/util.h
@@ -162,7 +162,8 @@ extern int is_anon_link_type(char *link, char *type);
 
 #define is_hex_digit(c) (((c) >= '0' && (c) <= '9') || ((c) >= 'a' && (c) <= 'f') || ((c) >= 'A' && (c) <= 'F'))
 
-#define CRS_CAN_FAIL 0x1 /* cmd can validly exit with non zero code */
+#define CRS_CAN_FAIL   0x1 /* cmd can validly exit with non zero code */
+#define CRS_CAN_ENOENT 0x2 /* cmd can fail with "No such file or directory" */
 
 extern int cr_system(int in, int out, int err, char *cmd, char *const argv[], unsigned flags);
 extern int cr_system_userns(int in, int out, int err, char *cmd, char *const argv[], unsigned flags, int userns_pid);

diff --git a/criu/util.c b/criu/util.c
@@ -623,9 +623,11 @@ int cr_system_userns(int in, int out, int err, char *cmd, char *const argv[], un
 
 		execvp(cmd, argv);
 
-		/* We can't use pr_error() as log file fd is closed. */
-		fprintf(stderr, "Error (%s:%d): " LOG_PREFIX "execvp(\"%s\", ...) failed: %s\n", __FILE__, __LINE__,
-			cmd, strerror(errno));
+		if (!(errno == ENOENT && (flags & CRS_CAN_ENOENT))) {
+			/* We can't use pr_error() as log file fd is closed. */
+			fprintf(stderr, "Error (%s:%d): " LOG_PREFIX "execvp(\"%s\", ...) failed: %s\n", __FILE__,
+				__LINE__, cmd, strerror(errno));
+		}
 	out_chld:
 		_exit(1);
 	}
@@ -638,7 +640,7 @@ int cr_system_userns(int in, int out, int err, char *cmd, char *const argv[], un
 		}
 
 		if (WIFEXITED(status)) {
-			if (!(flags & CRS_CAN_FAIL) && WEXITSTATUS(status))
+			if (!(flags & CRS_CAN_ENOENT) && !(flags & CRS_CAN_FAIL) && WEXITSTATUS(status))
 				pr_err("exited, status=%d\n", WEXITSTATUS(status));
 			break;
 		} else if (WIFSIGNALED(status)) {
@@ -1562,9 +1564,9 @@ static int is_iptables_nft(char *bin)
 		goto err;
 	}
 
-	ret = cr_system(-1, pfd[1], -1, cmd[0], cmd, 0);
+	ret = cr_system(-1, pfd[1], -1, cmd[0], cmd, CRS_CAN_ENOENT);
 	if (ret) {
-		pr_err("%s -V failed\n", cmd[0]);
+		pr_debug("%s -V failed\n", cmd[0]);
 		goto err;
 	}