* [PATCH iproute2 0/3] ip vrf: minor error message cleanups
@ 2017-01-06 0:22 David Ahern
2017-01-06 0:22 ` [PATCH iproute2 1/3] ip vrf: Fix run-on error message on mkdir failure David Ahern
` (3 more replies)
0 siblings, 4 replies; 7+ messages in thread
From: David Ahern @ 2017-01-06 0:22 UTC (permalink / raw)
To: netdev, stephen; +Cc: David Ahern
David Ahern (3):
ip vrf: Fix error message when running exec as non-root user
ip vrf: Improve error message for non-root user
ip vrf: Clean up bpf related error messages
ip/ipvrf.c | 6 +++++-
lib/fs.c | 16 ++++++++++++----
2 files changed, 17 insertions(+), 5 deletions(-)
--
2.1.4
^ permalink raw reply [flat|nested] 7+ messages in thread
* [PATCH iproute2 1/3] ip vrf: Fix run-on error message on mkdir failure
2017-01-06 0:22 [PATCH iproute2 0/3] ip vrf: minor error message cleanups David Ahern
@ 2017-01-06 0:22 ` David Ahern
2017-01-06 0:22 ` [PATCH iproute2 2/3] ip vrf: Improve cgroup2 error messages David Ahern
` (2 subsequent siblings)
3 siblings, 0 replies; 7+ messages in thread
From: David Ahern @ 2017-01-06 0:22 UTC (permalink / raw)
To: netdev, stephen; +Cc: David Ahern
Andy reported a missing newline if a non-root user attempts to run
'ip vrf exec':
$ ./ip/ip vrf exec default /bin/echo asdf
mkdir failed for /var/run/cgroup2: Permission deniedFailed to setup vrf cgroup2 directory
Reported-by: Andy Lutomirski <luto@kernel.org>
Signed-off-by: David Ahern <dsa@cumulusnetworks.com>
---
lib/fs.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/fs.c b/lib/fs.c
index 39cc96dccca9..644bb486ae8e 100644
--- a/lib/fs.c
+++ b/lib/fs.c
@@ -121,7 +121,7 @@ int make_path(const char *path, mode_t mode)
if (mkdir(dir, mode) != 0) {
fprintf(stderr,
- "mkdir failed for %s: %s",
+ "mkdir failed for %s: %s\n",
dir, strerror(errno));
goto out;
}
--
2.1.4
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [PATCH iproute2 2/3] ip vrf: Improve cgroup2 error messages
2017-01-06 0:22 [PATCH iproute2 0/3] ip vrf: minor error message cleanups David Ahern
2017-01-06 0:22 ` [PATCH iproute2 1/3] ip vrf: Fix run-on error message on mkdir failure David Ahern
@ 2017-01-06 0:22 ` David Ahern
2017-01-06 9:45 ` Sergei Shtylyov
2017-01-06 0:22 ` [PATCH iproute2 3/3] ip vrf: Improve bpf " David Ahern
2017-01-09 20:15 ` [PATCH iproute2 0/3] ip vrf: minor error message cleanups Stephen Hemminger
3 siblings, 1 reply; 7+ messages in thread
From: David Ahern @ 2017-01-06 0:22 UTC (permalink / raw)
To: netdev, stephen; +Cc: David Ahern
Currently, if a non-root user attempts to run ip vrf exec a non-helpful
error is returned:
$ ip vrf exec mgmt bash
Failed to mount cgroup2. Are CGROUPS enabled in your kernel?
Only show the CGROUPS kernel hint for the ENODEV error and for the
rest show the strerror for the errno. So now:
$ ip/ip vrf exec mgmt bash
Failed to mount cgroup2: Operation not permitted
Signed-off-by: David Ahern <dsa@cumulusnetworks.com>
---
lib/fs.c | 14 +++++++++++---
1 file changed, 11 insertions(+), 3 deletions(-)
diff --git a/lib/fs.c b/lib/fs.c
index 644bb486ae8e..12a4657a0bc9 100644
--- a/lib/fs.c
+++ b/lib/fs.c
@@ -80,13 +80,21 @@ char *find_cgroup2_mount(void)
if (mount("none", mnt, CGROUP2_FS_NAME, 0, NULL)) {
/* EBUSY means already mounted */
- if (errno != EBUSY) {
+ if (errno == EBUSY)
+ goto out;
+
+ if (errno == ENODEV) {
fprintf(stderr,
"Failed to mount cgroup2. Are CGROUPS enabled in your kernel?\n");
- free(mnt);
- return NULL;
+ } else {
+ fprintf(stderr,
+ "Failed to mount cgroup2: %s\n",
+ strerror(errno));
}
+ free(mnt);
+ return NULL;
}
+out:
return mnt;
}
--
2.1.4
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [PATCH iproute2 3/3] ip vrf: Improve bpf error messages
2017-01-06 0:22 [PATCH iproute2 0/3] ip vrf: minor error message cleanups David Ahern
2017-01-06 0:22 ` [PATCH iproute2 1/3] ip vrf: Fix run-on error message on mkdir failure David Ahern
2017-01-06 0:22 ` [PATCH iproute2 2/3] ip vrf: Improve cgroup2 error messages David Ahern
@ 2017-01-06 0:22 ` David Ahern
2017-01-09 20:15 ` [PATCH iproute2 0/3] ip vrf: minor error message cleanups Stephen Hemminger
3 siblings, 0 replies; 7+ messages in thread
From: David Ahern @ 2017-01-06 0:22 UTC (permalink / raw)
To: netdev, stephen; +Cc: David Ahern
Next up a non-root user gets various bpf related error messages:
$ ip vrf exec mgmt bash
Failed to load BPF prog: 'Operation not permitted'
Kernel compiled with CGROUP_BPF enabled?
Catch the EPERM error and do not show the kernel config option.
Signed-off-by: David Ahern <dsa@cumulusnetworks.com>
---
ip/ipvrf.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/ip/ipvrf.c b/ip/ipvrf.c
index dc8364a43a57..8bd99d6251f2 100644
--- a/ip/ipvrf.c
+++ b/ip/ipvrf.c
@@ -181,7 +181,11 @@ static int vrf_configure_cgroup(const char *path, int ifindex)
if (prog_fd < 0) {
fprintf(stderr, "Failed to load BPF prog: '%s'\n",
strerror(errno));
- fprintf(stderr, "Kernel compiled with CGROUP_BPF enabled?\n");
+
+ if (errno != EPERM) {
+ fprintf(stderr,
+ "Kernel compiled with CGROUP_BPF enabled?\n");
+ }
goto out;
}
--
2.1.4
^ permalink raw reply related [flat|nested] 7+ messages in thread
* Re: [PATCH iproute2 2/3] ip vrf: Improve cgroup2 error messages
2017-01-06 0:22 ` [PATCH iproute2 2/3] ip vrf: Improve cgroup2 error messages David Ahern
@ 2017-01-06 9:45 ` Sergei Shtylyov
2017-01-06 15:05 ` David Ahern
0 siblings, 1 reply; 7+ messages in thread
From: Sergei Shtylyov @ 2017-01-06 9:45 UTC (permalink / raw)
To: David Ahern, netdev, stephen
Hello!
On 1/6/2017 3:22 AM, David Ahern wrote:
> Currently, if a non-root user attempts to run ip vrf exec a non-helpful
> error is returned:
>
> $ ip vrf exec mgmt bash
> Failed to mount cgroup2. Are CGROUPS enabled in your kernel?
>
> Only show the CGROUPS kernel hint for the ENODEV error and for the
> rest show the strerror for the errno. So now:
>
> $ ip/ip vrf exec mgmt bash
> Failed to mount cgroup2: Operation not permitted
>
> Signed-off-by: David Ahern <dsa@cumulusnetworks.com>
> ---
> lib/fs.c | 14 +++++++++++---
> 1 file changed, 11 insertions(+), 3 deletions(-)
>
> diff --git a/lib/fs.c b/lib/fs.c
> index 644bb486ae8e..12a4657a0bc9 100644
> --- a/lib/fs.c
> +++ b/lib/fs.c
> @@ -80,13 +80,21 @@ char *find_cgroup2_mount(void)
>
> if (mount("none", mnt, CGROUP2_FS_NAME, 0, NULL)) {
> /* EBUSY means already mounted */
> - if (errno != EBUSY) {
> + if (errno == EBUSY)
> + goto out;
> +
> + if (errno == ENODEV) {
> fprintf(stderr,
> "Failed to mount cgroup2. Are CGROUPS enabled in your kernel?\n");
> - free(mnt);
> - return NULL;
> + } else {
> + fprintf(stderr,
> + "Failed to mount cgroup2: %s\n",
> + strerror(errno));
> }
How about a *switch* instead?
> + free(mnt);
> + return NULL;
> }
> +out:
> return mnt;
> }
>
MBR, Sergei
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH iproute2 2/3] ip vrf: Improve cgroup2 error messages
2017-01-06 9:45 ` Sergei Shtylyov
@ 2017-01-06 15:05 ` David Ahern
0 siblings, 0 replies; 7+ messages in thread
From: David Ahern @ 2017-01-06 15:05 UTC (permalink / raw)
To: Sergei Shtylyov, netdev, stephen
>> @@ -80,13 +80,21 @@ char *find_cgroup2_mount(void)
>>
>> if (mount("none", mnt, CGROUP2_FS_NAME, 0, NULL)) {
>> /* EBUSY means already mounted */
>> - if (errno != EBUSY) {
>> + if (errno == EBUSY)
>> + goto out;
>> +
>> + if (errno == ENODEV) {
>> fprintf(stderr,
>> "Failed to mount cgroup2. Are CGROUPS enabled in your kernel?\n");
>> - free(mnt);
>> - return NULL;
>> + } else {
>> + fprintf(stderr,
>> + "Failed to mount cgroup2: %s\n",
>> + strerror(errno));
>> }
>
> How about a *switch* instead?
I did consider it. Did not make the code simpler or easier to read.
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH iproute2 0/3] ip vrf: minor error message cleanups
2017-01-06 0:22 [PATCH iproute2 0/3] ip vrf: minor error message cleanups David Ahern
` (2 preceding siblings ...)
2017-01-06 0:22 ` [PATCH iproute2 3/3] ip vrf: Improve bpf " David Ahern
@ 2017-01-09 20:15 ` Stephen Hemminger
3 siblings, 0 replies; 7+ messages in thread
From: Stephen Hemminger @ 2017-01-09 20:15 UTC (permalink / raw)
To: David Ahern; +Cc: netdev
On Thu, 5 Jan 2017 16:22:20 -0800
David Ahern <dsa@cumulusnetworks.com> wrote:
> David Ahern (3):
> ip vrf: Fix error message when running exec as non-root user
> ip vrf: Improve error message for non-root user
> ip vrf: Clean up bpf related error messages
>
> ip/ipvrf.c | 6 +++++-
> lib/fs.c | 16 ++++++++++++----
> 2 files changed, 17 insertions(+), 5 deletions(-)
>
Looks good, applied.
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2017-01-09 20:15 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2017-01-06 0:22 [PATCH iproute2 0/3] ip vrf: minor error message cleanups David Ahern
2017-01-06 0:22 ` [PATCH iproute2 1/3] ip vrf: Fix run-on error message on mkdir failure David Ahern
2017-01-06 0:22 ` [PATCH iproute2 2/3] ip vrf: Improve cgroup2 error messages David Ahern
2017-01-06 9:45 ` Sergei Shtylyov
2017-01-06 15:05 ` David Ahern
2017-01-06 0:22 ` [PATCH iproute2 3/3] ip vrf: Improve bpf " David Ahern
2017-01-09 20:15 ` [PATCH iproute2 0/3] ip vrf: minor error message cleanups Stephen Hemminger
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).