netfilter-devel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* A bug in commit: Use flock() for --concurrent option
@ 2018-01-12  8:12 Tangchen (UVP)
  2018-01-15 15:26 ` Phil Sutter
  0 siblings, 1 reply; 2+ messages in thread
From: Tangchen (UVP) @ 2018-01-12  8:12 UTC (permalink / raw)
  To: phil@nwl.cc, pablo@netfilter.org
  Cc: Zhangyanfei (YF), guijianfeng, netfilter-devel@vger.kernel.org

Hello Phil Sutter

I found a problem with this commit, 

Use flock() for --concurrent option
The previous locking mechanism was not atomic, hence it was possible
that a killed ebtables process would leave the lock file in place which
in turn made future ebtables processes wait indefinitely for the lock to
become free.

Fix this by using flock(). This also simplifies code quite a bit because
there is no need for a custom signal handler or an __exit routine
anymore.

Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

if /var/lib/ebtables/ does not exist, ebtables cannot create the lock file.

# ls /var/lib/ebtables
ls: cannot access /var/lib/ebtables: No such file or directory
# ebtables --concurrent -L
Unable to create lock file /var/lib/ebtables/lock.

Thanks

^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2018-01-15 15:26 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2018-01-12  8:12 A bug in commit: Use flock() for --concurrent option Tangchen (UVP)
2018-01-15 15:26 ` Phil Sutter

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).