Re: [PATCH] iptables: accept lock file name at runtime

Phil Sutter <phil@xxxxxx> writes:

> Hi,
>
> On Tue, Jul 14, 2020 at 06:52:06PM +0200, Giuseppe Scrivano wrote:
>> allow users to override at runtime the lock file to use through the
>> XTABLES_LOCKFILE environment variable.
>> 
>> It allows using iptables from a network namespace owned by a user
>> that has no write access to XT_LOCK_NAME (by default under /run), and
>> without setting up a new mount namespace.
>> 
>> $ XTABLES_LOCKFILE=/tmp/xtables unshare -rn iptables ...
>> 
>> Signed-off-by: Giuseppe Scrivano <gscrivan@xxxxxxxxxx>
>> ---
>>  iptables/xshared.c | 7 ++++++-
>>  1 file changed, 6 insertions(+), 1 deletion(-)
>> 
>> diff --git a/iptables/xshared.c b/iptables/xshared.c
>> index c1d1371a..291f1c4b 100644
>> --- a/iptables/xshared.c
>> +++ b/iptables/xshared.c
>> @@ -248,13 +248,18 @@ void xs_init_match(struct xtables_match *match)
>>  
>>  static int xtables_lock(int wait, struct timeval *wait_interval)
>>  {
>> +	const *lock_file;
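
Review bot: the declaration `const *lock_file;` added at the top of xtables_lock() has no base type, so it falls back on implicit int and declares a pointer to const int instead of a string pointer. The commit message says the variable carries the lock file name taken from XTABLES_LOCKFILE, so it should read `const char *lock_file;`. The rest of the hunk is not quoted here, so how the variable is assigned and used cannot be checked from these lines.
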
>
> This does not look right. Typo?

Yes, sorry, I've messed it up.  I'll send a v2.

Thanks,
Giuseppe