Re: [libvirt] [patch 2/5] Instantiate comments in ip(6)tables rules

2010-09-24 Thread Stefan Berger
Eric Blake wrote on 09/24/2010 06:16:35 PM: > On 09/24/2010 02:22 PM, Stefan Berger wrote: > > I just tried the TCK test without and with double-escaping in libvirtd > > and double-escaping does seem to be necessary otherwise `ls` and $(ls) > > do get executed and their results end up in the com

Re: [libvirt] [patch 2/5] Instantiate comments in ip(6)tables rules

2010-09-24 Thread Eric Blake
On 09/24/2010 02:22 PM, Stefan Berger wrote: I just tried the TCK test without and with double-escaping in libvirtd and double-escaping does seem to be necessary otherwise `ls` and $(ls) do get executed and their results end up in the comment. The spaces are preserved, though, so I can revert the

Re: [libvirt] [patch 2/5] Instantiate comments in ip(6)tables rules

2010-09-24 Thread Stefan Berger
Eric Blake wrote on 09/24/2010 04:01:55 PM: > libvir-list > > On 09/24/2010 01:38 PM, Stefan Berger wrote: > > > To prevent consecutive spaces in comments from becoming a single space > > (by bash), the IFS variable is now set to an empty string. Also, commands > > are now executed using bash

Re: [libvirt] [patch 2/5] Instantiate comments in ip(6)tables rules

2010-09-24 Thread Eric Blake
On 09/24/2010 01:38 PM, Stefan Berger wrote: To prevent consecutive spaces in comments from becoming a single space (by bash), the IFS variable is now set to an empty string. Also, commands are now executed using bash's 'eval' command. -#define CMD_EXEC "res=`${cmd}`" CMD_SEPARATOR +#define

[libvirt] [patch 2/5] Instantiate comments in ip(6)tables rules

2010-09-24 Thread Stefan Berger
In this patch I am extending the rule instantiator to create the comment node where supported, which is the case for iptables and ip6tables. Since commands are written in the format cmd="iptables ...-m comment --comment \"\" " certain characters ("$`\) in the comment need to be escaped (twice) t