From 1c1ea217357c60ab2f57ea8f20d84166f641f49f Mon Sep 17 00:00:00 2001 From: Evgeny Vereshchagin Date: Thu, 17 Mar 2016 21:06:17 +0000 Subject: [PATCH] nspawn: don't run nspawn --port=... without libiptc support We get $ systemd-nspawn --image /dev/loop1 --port 8080:80 -n -b 3 --port= is not supported, compiled without libiptc support. instead of a ping-nc-iptables debugging session --- src/nspawn/nspawn.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c index be07625a03..eb89916b7e 100644 --- a/src/nspawn/nspawn.c +++ b/src/nspawn/nspawn.c @@ -977,6 +977,13 @@ static int verify_arguments(void) { return -EINVAL; } +#ifndef HAVE_LIBIPTC + if (arg_expose_ports) { + log_error("--port= is not supported, compiled without libiptc support."); + return -EOPNOTSUPP; + } +#endif + if (arg_start_mode == START_BOOT && arg_kill_signal <= 0) arg_kill_signal = SIGRTMIN+3;