iptables: accept lock file name at runtime
allow users to override at runtime the lock file to use through the
XTABLES_LOCKFILE environment variable.
It allows to use iptables when the user has granted enough
capabilities (e.g. a user+network namespace) to configure the network
but that lacks access to the XT_LOCK_NAME (by default placed under
/run).
$ XTABLES_LOCKFILE=/tmp/xtables unshare -rn iptables ...
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
3 files changed
