Merge pull request #10231 from estesp/move-iptables-check

Move iptables check out of runtime init() to separate function
2015-01-21 10:46:40 -08:00 · 2015-01-21 10:46:40 -08:00 · feb02197c1
commit feb02197c1
parent a96214b8c6 3ffffc0cff
1 changed files with 17 additions and 8 deletions
--- a/iptables/iptables.go
+++ b/iptables/iptables.go
@ -24,6 +24,7 @@ const (
 )

 var (
+	iptablesPath        string
 	supportsXlock       = false
 	ErrIptablesNotFound = errors.New("Iptables not found")
 )
@ -43,8 +44,17 @@ func (e *ChainError) Error() string {
 	return fmt.Sprintf("Error iptables %s: %s", e.Chain, string(e.Output))
 }

-func init() {
-	supportsXlock = exec.Command("iptables", "--wait", "-L", "-n").Run() == nil
+func initCheck() error {
+
+	if iptablesPath == "" {
+		path, err := exec.LookPath("iptables")
+		if err != nil {
+			return ErrIptablesNotFound
+		}
+		iptablesPath = path
+		supportsXlock = exec.Command(iptablesPath, "--wait", "-L", "-n").Run() == nil
+	}
+	return nil
 }

 func NewChain(name, bridge string, table Table) (*Chain, error) {
@ -258,18 +268,17 @@ func Exists(args ...string) bool {

 // Call 'iptables' system command, passing supplied arguments
 func Raw(args ...string) ([]byte, error) {
-	path, err := exec.LookPath("iptables")
-	if err != nil {
-		return nil, ErrIptablesNotFound
-	}

+	if err := initCheck(); err != nil {
+		return nil, err
+	}
 	if supportsXlock {
 		args = append([]string{"--wait"}, args...)
 	}

-	log.Debugf("%s, %v", path, args)
+	log.Debugf("%s, %v", iptablesPath, args)

-	output, err := exec.Command(path, args...).CombinedOutput()
+	output, err := exec.Command(iptablesPath, args...).CombinedOutput()
 	if err != nil {
 		return nil, fmt.Errorf("iptables failed: iptables %v: %s (%s)", strings.Join(args, " "), output, err)
 	}