On Wed, 2023-12-06 at 13:52 +0100, Florian Westphal wrote: > Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote: > > On Wed, Dec 06, 2023 at 01:33:25PM +0100, Pablo Neira Ayuso wrote: > > > On Wed, Dec 06, 2023 at 01:18:28PM +0100, Florian Westphal wrote: > > > > Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote: > > > > > > The mode without unshare exists for historic reasons, as > > > > > > unshare was > > > > > > added initially. At this point, what is the use of > > > > > > supporting or using > > > > > > that? > > > > > > > > > > This provides an easy way for me to test 'nft monitor'. > > > > > > > > > > I can keep it out of tree if you prefer -U remains broken. > > > > > > > > No no no, I was just asking if '-U' should still run the > > > > feature probes without a netns, which is what its doing right > > > > now. > > > > > > > > Perhaps -U should just disable the unshare for the actual shell > > > > tests, not for the feature probe scripts. > > > > > > Ah, I understand. Fine with me. > > > > Maybe this? > > Fine with me. > Running with -U and still use unshare seems a contradiction. What is the point of "-U" then? I thought, it's to support a kernel where `unshare` doesn't work. If the purpose is "easy way [...] to test 'nft monitor'", can you elaborate how you do that? Are there other uses of "-U"? I think there should be just the proper cleanup after a test/feature- probe. Either by the test/feature-probe themselves, or (better) by "run-test.sh". Thomas
