Since:

  commit 9f4e35dc73ec9e940aa61bc7c140c2b800218ef3
  Author: Daniel P. Berrangé <berrange@redhat.com>
  Date:   Mon Mar 18 17:31:21 2019 +0000

    network: improve error report when firewall chain creation fails

We cache an error when failing to create the top level firewall chains.
This commit failed to account for fact that we may invoke
networkPreReloadFirewallRules() many times while libvirtd is running.
For example when firewalld is restarted.

When this happens the original failure may no longer occurr and we'll
successfully create our top level chains. We failed to clear the cached
error resulting in us failing to start virtual networks.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
 src/network/bridge_driver_linux.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/network/bridge_driver_linux.c b/src/network/bridge_driver_linux.c
index 50fc197134..f2827543ca 100644
--- a/src/network/bridge_driver_linux.c
+++ b/src/network/bridge_driver_linux.c
@@ -55,6 +55,9 @@ void networkPreReloadFirewallRules(bool startup)
     if (rc < 0) {
         errInitV4 = virSaveLastError();
         virResetLastError();
+    } else {
+        virFreeError(errInitV4);
+        errInitV4 = NULL;
     }
     if (rc)
         created = true;
@@ -63,6 +66,9 @@ void networkPreReloadFirewallRules(bool startup)
     if (rc < 0) {
         errInitV6 = virSaveLastError();
         virResetLastError();
+    } else {
+        virFreeError(errInitV6);
+        errInitV6 = NULL;
     }
     if (rc)
         created = true;
-- 
2.20.1

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

On 4/12/19 11:56 AM, Daniel P. Berrangé wrote:
> Since:
>
>    commit 9f4e35dc73ec9e940aa61bc7c140c2b800218ef3
>    Author: Daniel P. Berrangé <berrange@redhat.com>
>    Date:   Mon Mar 18 17:31:21 2019 +0000
>
>      network: improve error report when firewall chain creation fails
>
> We cache an error when failing to create the top level firewall chains.
> This commit failed to account for fact that we may invoke
> networkPreReloadFirewallRules() many times while libvirtd is running.
> For example when firewalld is restarted.
>
> When this happens the original failure may no longer occurr and we'll
> successfully create our top level chains. We failed to clear the cached
> error resulting in us failing to start virtual networks.
>
> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>


Reviewed-by: Laine Stump <laine@laine.org>


> ---
>   src/network/bridge_driver_linux.c | 6 ++++++
>   1 file changed, 6 insertions(+)
>
> diff --git a/src/network/bridge_driver_linux.c b/src/network/bridge_driver_linux.c
> index 50fc197134..f2827543ca 100644
> --- a/src/network/bridge_driver_linux.c
> +++ b/src/network/bridge_driver_linux.c
> @@ -55,6 +55,9 @@ void networkPreReloadFirewallRules(bool startup)
>       if (rc < 0) {
>           errInitV4 = virSaveLastError();
>           virResetLastError();
> +    } else {
> +        virFreeError(errInitV4);
> +        errInitV4 = NULL;
>       }
>       if (rc)
>           created = true;
> @@ -63,6 +66,9 @@ void networkPreReloadFirewallRules(bool startup)
>       if (rc < 0) {
>           errInitV6 = virSaveLastError();
>           virResetLastError();
> +    } else {
> +        virFreeError(errInitV6);
> +        errInitV6 = NULL;
>       }
>       if (rc)
>           created = true;


--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list