[pve-devel] [PATCH proxmox-firewall 1/2] firewall: wait for nft process
Stefan Hanreich
s.hanreich at proxmox.com
Fri Apr 19 15:00:25 CEST 2024
NftClient never waits for the child process to terminate leading to
defunct leftover processes.
Signed-off-by: Stefan Hanreich <s.hanreich at proxmox.com>
---
proxmox-nftables/src/client.rs | 38 ++++++++--------------------------
1 file changed, 9 insertions(+), 29 deletions(-)
diff --git a/proxmox-nftables/src/client.rs b/proxmox-nftables/src/client.rs
index 69e464b..eaa3dd2 100644
--- a/proxmox-nftables/src/client.rs
+++ b/proxmox-nftables/src/client.rs
@@ -36,35 +36,15 @@ impl NftClient {
return Err(NftError::from(error));
};
- let mut error_output = String::new();
-
- match child
- .stderr
- .take()
- .expect("can get stderr")
- .read_to_string(&mut error_output)
- {
- Ok(_) if !error_output.is_empty() => {
- return Err(NftError::Command(error_output));
- }
- Err(error) => {
- return Err(NftError::from(error));
- }
- _ => (),
- };
-
- let mut output = String::new();
-
- if let Err(error) = child
- .stdout
- .take()
- .expect("can get stdout")
- .read_to_string(&mut output)
- {
- return Err(NftError::from(error));
- };
-
- Ok(output)
+ let output = child.wait_with_output().map_err(NftError::from)?;
+
+ if output.status.success() {
+ Ok(String::from_utf8(output.stdout).expect("output is valid utf-8"))
+ } else {
+ Err(NftError::Command(
+ String::from_utf8(output.stderr).expect("output is valid utf-8"),
+ ))
+ }
}
pub fn run_json_commands(commands: &Commands) -> Result<Option<CommandOutput>, NftError> {
--
2.39.2
More information about the pve-devel
mailing list