MINOR: sock: add EPERM case in sock_handle_system_err
setns() may return EPERM if thread, that tries to move into different namespace, do not have CAP_SYS_ADMIN capability in its Effective set. So, extending sock_handle_system_err() with this error allows to send appropriate log message and set SF_ERR_PRXCOND (SC termination flag in log) as stream termination error code. This error code can be simply checked with SF_ERR_MASK at protocol layer.
This commit is contained in:
Valentine Krasnobaeva
Willy Tarreau
parent
d3fc982cd7
commit
13ef552488
@ -236,6 +236,13 @@ static int sock_handle_system_err(struct connection *conn, struct proxy *be)
|
||||
conn->err_code = CO_ER_NOPROTO;
|
||||
break;
|
||||
|
||||
case EPERM:
|
||||
send_log(be, LOG_EMERG,
|
||||
"Proxy %s has insufficient permissions to open server socket.\n",
|
||||
be->id);
|
||||
|
||||
return SF_ERR_PRXCOND;
|
||||
|
||||
default:
|
||||
send_log(be, LOG_EMERG,
|
||||
"Proxy %s cannot create a server socket: %s\n",
|
||||
|
||||
Loading…
Reference in New Issue
Block a user