#define CHAINPREFIX_HOST_IN_TEMP 'J'
#define CHAINPREFIX_HOST_OUT_TEMP 'P'
+/* This file generates a temporary shell script. Since ebiptables is
+ Linux-specific, we can be reasonably certain that /bin/sh is more
+ or less POSIX-compliant, so we can use $() and $(()). However, we
+ cannot assume that /bin/sh is bash, so stick to POSIX syntax. */
#define CMD_SEPARATOR "\n"
#define CMD_DEF_PRE "cmd='"
#define CMD_DEF_POST "'"
#define CMD_DEF(X) CMD_DEF_PRE X CMD_DEF_POST
-#define CMD_EXEC "eval res=\\`\"${cmd}\"\\`" CMD_SEPARATOR
+#define CMD_EXEC "eval res=\\$(\"${cmd}\")" CMD_SEPARATOR
#define CMD_STOPONERR(X) \
X ? "if [ $? -ne 0 ]; then" \
" echo \"Failure to execute command '${cmd}'.\";" \
static char *ebtables_cmd_path;
static char *iptables_cmd_path;
static char *ip6tables_cmd_path;
-static char *bash_cmd_path;
static char *grep_cmd_path;
static char *gawk_cmd_path;
" " CMD_DEF("%s -I %s %d -j %s") CMD_SEPARATOR
" " CMD_EXEC
" %s"
- " let r=r+1\n"
+ " r=$(( $r + 1 ))\n"
" " CMD_DEF("%s -D %s ${r}") CMD_SEPARATOR
" " CMD_EXEC
" %s"
virBufferVSprintf(buf,
"res=$(%s -n -L " VIRT_IN_POST_CHAIN
" | grep \"\\%s %s\")\n"
- "if [ \"${res}\" == \"\" ]; then "
+ "if [ \"${res}\" = \"\" ]; then "
CMD_DEF("%s"
" -A " VIRT_IN_POST_CHAIN
" %s %s -j ACCEPT") CMD_SEPARATOR
*
* Write the string into a temporary file and return the name of
* the temporary file. The string is assumed to contain executable
- * commands. A line '#!/bin/bash' will automatically be written
+ * commands. A line '#!/bin/sh' will automatically be written
* as the first line in the file. The permissions of the file are
* set so that the file can be run as an executable script.
*/
char *header;
size_t written;
- virBufferVSprintf(&buf, "#!%s\n", bash_cmd_path);
+ virBufferAddLit(&buf, "#!/bin/sh\n");
if (virBufferError(&buf)) {
virBufferFreeAndReset(&buf);
* commands executed via the script the was run.
*
* Returns 0 in case of success, != 0 in case of an error. The returned
- * value is NOT the result of running the commands inside the bash
+ * value is NOT the result of running the commands inside the shell
* script.
*
- * Execute a sequence of commands (held in the given buffer) as a bash
+ * Execute a sequence of commands (held in the given buffer) as a /bin/sh
* script and return the status of the execution.
*/
static int
if (virMutexInit(&execCLIMutex))
return EINVAL;
- bash_cmd_path = virFindFileInPath("bash");
gawk_cmd_path = virFindFileInPath("gawk");
grep_cmd_path = virFindFileInPath("grep");
VIR_FREE(ip6tables_cmd_path);
}
- /* ip(6)tables support needs bash, gawk & grep, ebtables doesn't */
+ /* ip(6)tables support needs gawk & grep, ebtables doesn't */
if ((iptables_cmd_path != NULL || ip6tables_cmd_path != NULL) &&
- (!grep_cmd_path || !bash_cmd_path || !gawk_cmd_path)) {
+ (!grep_cmd_path || !gawk_cmd_path)) {
virNWFilterReportError(VIR_ERR_INTERNAL_ERROR, "%s",
_("essential tools to support ip(6)tables "
"firewalls could not be located"));
ebiptablesDriverShutdown()
{
VIR_FREE(gawk_cmd_path);
- VIR_FREE(bash_cmd_path);
VIR_FREE(grep_cmd_path);
VIR_FREE(ebtables_cmd_path);
VIR_FREE(iptables_cmd_path);
projects / libvirt.git / commitdiff