diff options
author | Thomas Haller <thaller@redhat.com> | 2022-09-27 18:07:01 +0200 |
---|---|---|
committer | Thomas Haller <thaller@redhat.com> | 2022-09-29 16:04:17 +0200 |
commit | 403c6de957fc29405fb7e16c7a09668c2542de53 (patch) | |
tree | 35bde6803ad5a4be5f75c439160ef95d83fa1e99 | |
parent | aebfb3461e3f7a43df131640f7daa0ba6e6b1c7b (diff) | |
download | NetworkManager-403c6de957fc29405fb7e16c7a09668c2542de53.tar.gz |
firewall: fail from nm_firewall_nft_call() on non-zero exit code
(cherry picked from commit 02feefb1df15dbd546f98f360196f3624e56b930)
(cherry picked from commit d7bc25b3bdfc6b90853d29cd8553fabb4e9542e0)
-rw-r--r-- | src/core/nm-firewall-utils.c | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/src/core/nm-firewall-utils.c b/src/core/nm-firewall-utils.c index 3752928d94..7e92928981 100644 --- a/src/core/nm-firewall-utils.c +++ b/src/core/nm-firewall-utils.c @@ -430,14 +430,21 @@ _fw_nft_call_communicate_cb(GObject *source, GAsyncResult *result, gpointer user } else if (g_subprocess_get_successful(call_data->subprocess)) { nm_log_dbg(LOGD_SHARING, "firewall: nft[%s]: command successful", call_data->identifier); } else { + char buf[NM_UTILS_GET_PROCESS_EXIT_STATUS_BUF_LEN]; gs_free char *ss_stdout = NULL; gs_free char *ss_stderr = NULL; gboolean print_stdout = (stdout_buf && g_bytes_get_size(stdout_buf) > 0); gboolean print_stderr = (stderr_buf && g_bytes_get_size(stderr_buf) > 0); + int status; + + status = g_subprocess_get_status(call_data->subprocess); + + nm_utils_get_process_exit_status_desc_buf(status, buf, sizeof(buf)); nm_log_warn(LOGD_SHARING, - "firewall: nft[%s]: command failed:%s%s%s%s%s%s%s", + "firewall: nft[%s]: command %s:%s%s%s%s%s%s%s", call_data->identifier, + buf, print_stdout || print_stderr ? "" : " unknown reason", NM_PRINT_FMT_QUOTED( print_stdout, @@ -455,6 +462,8 @@ _fw_nft_call_communicate_cb(GObject *source, GAsyncResult *result, gpointer user &ss_stderr), "\")", "")); + + nm_utils_error_set(&error, NM_UTILS_ERROR_COMMAND_FAILED, "nft command %s", buf); } _fw_nft_call_data_free(call_data, g_steal_pointer(&error)); |