01/01: gnu: docker: Check for error on XFRM.

guix-commits

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

01/01: gnu: docker: Check for error on XFRM.

From:	guix-commits
Subject:	01/01: gnu: docker: Check for error on XFRM.
Date:	Sun, 14 Apr 2019 13:04:56 -0400 (EDT)

dannym pushed a commit to branch master
in repository guix.

commit e74a08f921eb4c7cc14cf0d48bb6cdaa01d32569
Author: Danny Milosavljevic <address@hidden>
Date:   Thu Apr 11 16:34:58 2019 +0200

    gnu: docker: Check for error on XFRM.
    
    * gnu/packages/patches/docker-use-fewer-modprobes.patch: Check for error on
    XFRM.
---
 .../patches/docker-use-fewer-modprobes.patch       | 30 +++++++++++++++++-----
 1 file changed, 24 insertions(+), 6 deletions(-)

diff --git a/gnu/packages/patches/docker-use-fewer-modprobes.patch 
b/gnu/packages/patches/docker-use-fewer-modprobes.patch
index 2779e1b..4e4a45b 100644
--- a/gnu/packages/patches/docker-use-fewer-modprobes.patch
+++ b/gnu/packages/patches/docker-use-fewer-modprobes.patch
@@ -103,17 +103,35 @@ See <https://github.com/moby/moby/pull/38930>.
  
 --- 
docker-18.09.0-checkout/vendor/github.com/docker/libnetwork/ns/init_linux.go.orig
  2019-03-19 11:23:20.738316699 +0100
 +++ 
docker-18.09.0-checkout/vendor/github.com/docker/libnetwork/ns/init_linux.go    
   2019-03-19 11:27:57.149753073 +0100
-@@ -100,12 +100,7 @@
+@@ -76,12 +76,8 @@ func NlHandle() *netlink.Handle {
+ func getSupportedNlFamilies() []int {
+       fams := []int{syscall.NETLINK_ROUTE}
+       // NETLINK_XFRM test
+-      if err := loadXfrmModules(); err != nil {
+-              if checkXfrmSocket() != nil {
+-                      logrus.Warnf("Could not load necessary modules for 
IPSEC rules: %v", err)
+-              } else {
+-                      fams = append(fams, syscall.NETLINK_XFRM)
+-              }
++      if err := checkXfrmSocket(); err != nil {
++              logrus.Warnf("Could not load necessary modules for IPSEC rules: 
%v", err)
+       } else {
+               fams = append(fams, syscall.NETLINK_XFRM)
+       }
+@@ -99,16 +95,6 @@ func getSupportedNlFamilies() []int {
+       return fams
  }
  
- func loadXfrmModules() error {
+-func loadXfrmModules() error {
 -      if out, err := exec.Command("modprobe", "-va", 
"xfrm_user").CombinedOutput(); err != nil {
 -              return fmt.Errorf("Running modprobe xfrm_user failed with 
message: `%s`, error: %v", strings.TrimSpace(string(out)), err)
 -      }
 -      if out, err := exec.Command("modprobe", "-va", 
"xfrm_algo").CombinedOutput(); err != nil {
 -              return fmt.Errorf("Running modprobe xfrm_algo failed with 
message: `%s`, error: %v", strings.TrimSpace(string(out)), err)
 -      }
-+      // Those are automatically loaded when someone opens the socket anyway.
-       return nil
- }
- 
+-      return nil
+-}
+-
+ // API check on required xfrm modules (xfrm_user, xfrm_algo)
+ func checkXfrmSocket() error {
+       fd, err := syscall.Socket(syscall.AF_NETLINK, syscall.SOCK_RAW, 
syscall.NETLINK_XFRM)

[Prev in Thread]

Current Thread

[Next in Thread]

branch master updated (9a018b9 -> e74a08f), guix-commits, 2019/04/14
- 01/01: gnu: docker: Check for error on XFRM., guix-commits <=

Prev by Date: branch master updated (9a018b9 -> e74a08f)
Next by Date: 01/01: doc: Fix typo.
Previous by thread: branch master updated (9a018b9 -> e74a08f)
Next by thread: branch master updated (e74a08f -> a0b419b)
Index(es):
- Date
- Thread