[lxc-devel] [lxc/master] log: change LOG macros using strerror to SYS* macros

2xsec on Github lxc-bot at linuxcontainers.org
Tue Jun 26 08:29:05 UTC 2018


A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 375 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20180626/caefd24b/attachment.bin>
-------------- next part --------------
From a24c5678a91b66d7a1c6ca0e5ed3a958e57cd17d Mon Sep 17 00:00:00 2001
From: 2xsec <dh48.jeong at samsung.com>
Date: Tue, 26 Jun 2018 14:06:09 +0900
Subject: [PATCH 1/4] log: change WARN macro using strerror to SYSWARN

Signed-off-by: 2xsec <dh48.jeong at samsung.com>
---
 src/lxc/attach.c          |  8 ++++----
 src/lxc/caps.c            |  3 +--
 src/lxc/cgroups/cgfsng.c  | 10 ++++------
 src/lxc/commands.c        |  8 ++++----
 src/lxc/conf.c            | 12 +++++-------
 src/lxc/monitor.c         |  2 +-
 src/lxc/network.c         | 13 +++++++------
 src/lxc/seccomp.c         | 26 +++++++++++++++++---------
 src/lxc/start.c           |  7 +++----
 src/lxc/storage/btrfs.c   |  3 +--
 src/lxc/storage/overlay.c |  8 ++++----
 src/lxc/terminal.c        |  7 +++----
 12 files changed, 54 insertions(+), 53 deletions(-)

diff --git a/src/lxc/attach.c b/src/lxc/attach.c
index 429a5d86c..7f1fb9f6b 100644
--- a/src/lxc/attach.c
+++ b/src/lxc/attach.c
@@ -380,7 +380,7 @@ static int lxc_attach_set_environment(struct lxc_proc_context_info *init_ctx,
 				if (extra_keep_store[i]) {
 					ret = setenv(extra_keep[i], extra_keep_store[i], 1);
 					if (ret < 0)
-						WARN("%s - Failed to set environment variable", strerror(errno));
+						SYSWARN("Failed to set environment variable");
 				}
 				free(extra_keep_store[i]);
 			}
@@ -395,13 +395,13 @@ static int lxc_attach_set_environment(struct lxc_proc_context_info *init_ctx,
 		if (!path_kept) {
 			ret = setenv("PATH", "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", 1);
 			if (ret < 0)
-				WARN("%s - Failed to set environment variable", strerror(errno));
+				SYSWARN("Failed to set environment variable");
 		}
 	}
 
 	ret = putenv("container=lxc");
 	if (ret < 0) {
-		WARN("%s - Failed to set environment variable", strerror(errno));
+		SYSWARN("Failed to set environment variable");
 		return -1;
 	}
 
@@ -435,7 +435,7 @@ static int lxc_attach_set_environment(struct lxc_proc_context_info *init_ctx,
 
 			ret = putenv(p);
 			if (ret < 0)
-				WARN("%s - Failed to set environment variable", strerror(errno));
+				SYSWARN("Failed to set environment variable");
 		}
 	}
 
diff --git a/src/lxc/caps.c b/src/lxc/caps.c
index 6665af217..9e6a08a9f 100644
--- a/src/lxc/caps.c
+++ b/src/lxc/caps.c
@@ -196,8 +196,7 @@ int lxc_ambient_caps_up(void)
 	for (cap = 0; cap <= last_cap; cap++) {
 		ret = prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_RAISE, cap, 0, 0);
 		if (ret < 0) {
-			WARN("%s - Failed to raise ambient capability %d",
-			     strerror(errno), cap);
+			SYSWARN("Failed to raise ambient capability %d", cap);
 			goto out;
 		}
 	}
diff --git a/src/lxc/cgroups/cgfsng.c b/src/lxc/cgroups/cgfsng.c
index fedb9a063..b514a7bb6 100644
--- a/src/lxc/cgroups/cgfsng.c
+++ b/src/lxc/cgroups/cgfsng.c
@@ -1082,14 +1082,14 @@ static int recursive_destroy(char *dirname)
 	ret = rmdir(dirname);
 	if (ret < 0) {
 		if (!r)
-			WARN("%s - Failed to delete \"%s\"", strerror(errno), dirname);
+			SYSWARN("Failed to delete \"%s\"", dirname);
 		r = -1;
 	}
 
 	ret = closedir(dir);
 	if (ret < 0) {
 		if (!r)
-			WARN("%s - Failed to delete \"%s\"", strerror(errno), dirname);
+			SYSWARN("Failed to delete \"%s\"", dirname);
 		r = -1;
 	}
 
@@ -1398,15 +1398,13 @@ static int chowmod(char *path, uid_t chown_uid, gid_t chown_gid,
 
 	ret = chown(path, chown_uid, chown_gid);
 	if (ret < 0) {
-		WARN("%s - Failed to chown(%s, %d, %d)", strerror(errno), path,
-		     (int)chown_uid, (int)chown_gid);
+		SYSWARN("Failed to chown(%s, %d, %d)", path, (int)chown_uid, (int)chown_gid);
 		return -1;
 	}
 
 	ret = chmod(path, chmod_mode);
 	if (ret < 0) {
-		WARN("%s - Failed to chmod(%s, %d)", strerror(errno), path,
-		     (int)chmod_mode);
+		SYSWARN("Failed to chmod(%s, %d)", path, (int)chmod_mode);
 		return -1;
 	}
 
diff --git a/src/lxc/commands.c b/src/lxc/commands.c
index 8c1a03d58..ca77affd4 100644
--- a/src/lxc/commands.c
+++ b/src/lxc/commands.c
@@ -126,8 +126,9 @@ static int lxc_cmd_rsp_recv(int sock, struct lxc_cmd_rr *cmd)
 
 	ret = lxc_abstract_unix_recv_fds(sock, &rspfd, 1, rsp, sizeof(*rsp));
 	if (ret < 0) {
-		WARN("%s - Failed to receive response for command \"%s\"",
-		     strerror(errno), lxc_cmd_str(cmd->req.cmd));
+		SYSWARN("Failed to receive response for command \"%s\"",
+		        lxc_cmd_str(cmd->req.cmd));
+
 		if (errno == ECONNRESET)
 			return -ECONNRESET;
 
@@ -218,8 +219,7 @@ static int lxc_cmd_rsp_send(int fd, struct lxc_cmd_rsp *rsp)
 
 	ret = send(fd, rsp->data, rsp->datalen, 0);
 	if (ret < 0 || ret != (ssize_t)rsp->datalen) {
-		WARN("%s - Failed to send command response data %zd",
-		     strerror(errno), ret);
+		SYSWARN("Failed to send command response data %zd", ret);
 		return -1;
 	}
 
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index 4e7dc379b..cc97ea9d1 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -986,15 +986,13 @@ int lxc_allocate_ttys(struct lxc_conf *conf)
 		/* Prevent leaking the file descriptors to the container */
 		ret = fcntl(tty->master, F_SETFD, FD_CLOEXEC);
 		if (ret < 0)
-			WARN("Failed to set FD_CLOEXEC flag on master fd %d of "
-			     "tty device \"%s\": %s",
-			     tty->master, tty->name, strerror(errno));
+			SYSWARN("Failed to set FD_CLOEXEC flag on master fd %d of "
+			        "tty device \"%s\"", tty->master, tty->name);
 
 		ret = fcntl(tty->slave, F_SETFD, FD_CLOEXEC);
 		if (ret < 0)
-			WARN("Failed to set FD_CLOEXEC flag on slave fd %d of "
-			     "tty device \"%s\": %s",
-			     tty->slave, tty->name, strerror(errno));
+			SYSWARN("Failed to set FD_CLOEXEC flag on slave fd %d of "
+			        "tty device \"%s\"", tty->slave, tty->name);
 
 		tty->busy = 0;
 	}
@@ -1549,7 +1547,7 @@ static int lxc_setup_devpts(struct lxc_conf *conf)
 
 	ret = umount2("/dev/pts", MNT_DETACH);
 	if (ret < 0)
-		WARN("%s - Failed to unmount old devpts instance", strerror(errno));
+		SYSWARN("Failed to unmount old devpts instance");
 	else
 		DEBUG("Unmounted old devpts instance");
 
diff --git a/src/lxc/monitor.c b/src/lxc/monitor.c
index ed223a5b2..5c866ae84 100644
--- a/src/lxc/monitor.c
+++ b/src/lxc/monitor.c
@@ -113,7 +113,7 @@ static void lxc_monitor_fifo_send(struct lxc_msg *msg, const char *lxcpath)
 		if (errno == ENXIO || errno == ENOENT)
 			return;
 
-		WARN("%s - Failed to open fifo to send message", strerror(errno));
+		SYSWARN("Failed to open fifo to send message");
 		return;
 	}
 
diff --git a/src/lxc/network.c b/src/lxc/network.c
index c147d10ba..3f15590b2 100644
--- a/src/lxc/network.c
+++ b/src/lxc/network.c
@@ -2599,10 +2599,10 @@ bool lxc_delete_network_priv(struct lxc_handler *handler)
 			     netdev->name[0] != '\0' ? netdev->name : "(null)",
 			     netdev->ifindex);
 		} else if (ret < 0) {
-			WARN("Failed to remove interface \"%s\" with "
-			     "index %d: %s",
-			     netdev->name[0] != '\0' ? netdev->name : "(null)",
-			     netdev->ifindex, strerror(-ret));
+			errno = -ret;
+			SYSWARN("Failed to remove interface \"%s\" with index %d",
+			        netdev->name[0] != '\0' ? netdev->name : "(null)",
+			        netdev->ifindex);
 			goto clear_ifindices;
 		}
 		INFO("Removed interface \"%s\" with index %d",
@@ -2624,8 +2624,9 @@ bool lxc_delete_network_priv(struct lxc_handler *handler)
 
 		ret = lxc_netdev_delete_by_name(hostveth);
 		if (ret < 0) {
-			WARN("Failed to remove interface \"%s\" from \"%s\": %s",
-			     hostveth, netdev->link, strerror(-ret));
+			errno = -ret;
+			SYSWARN("Failed to remove interface \"%s\" from \"%s\"",
+			        hostveth, netdev->link);
 			goto clear_ifindices;
 		}
 		INFO("Removed interface \"%s\" from \"%s\"", hostveth, netdev->link);
diff --git a/src/lxc/seccomp.c b/src/lxc/seccomp.c
index 1fbaa429b..80a7ef176 100644
--- a/src/lxc/seccomp.c
+++ b/src/lxc/seccomp.c
@@ -427,8 +427,10 @@ scmp_filter_ctx get_new_ctx(enum lxc_hostarch_t n_arch,
 
 #ifdef SCMP_FLTATR_ATL_TSKIP
 	ret = seccomp_attr_set(ctx, SCMP_FLTATR_ATL_TSKIP, 1);
-	if (ret < 0)
-		WARN("%s - Failed to turn on seccomp nop-skip, continuing", strerror(-ret));
+	if (ret < 0) {
+		errno = -ret;
+		SYSWARN("Failed to turn on seccomp nop-skip, continuing");
+	}
 #endif
 
 	ret = seccomp_arch_exist(ctx, arch);
@@ -730,8 +732,10 @@ static int parse_config_v2(FILE *f, char *line, size_t *line_bufsz, struct lxc_c
 
 #ifdef SCMP_FLTATR_ATL_TSKIP
 		ret = seccomp_attr_set(conf->seccomp_ctx, SCMP_FLTATR_ATL_TSKIP, 1);
-		if (ret < 0)
-			WARN("%s - Failed to turn on seccomp nop-skip, continuing", strerror(-ret));
+		if (ret < 0) {
+			errno = -ret;
+			SYSWARN("Failed to turn on seccomp nop-skip, continuing");
+		}
 #endif
 	}
 
@@ -1156,11 +1160,13 @@ int lxc_read_seccomp_config(struct lxc_conf *conf)
 		ERROR("%s - Failed to turn off no-new-privs", strerror(-ret));
 		return -1;
 	}
+
 #ifdef SCMP_FLTATR_ATL_TSKIP
 	ret = seccomp_attr_set(conf->seccomp_ctx, SCMP_FLTATR_ATL_TSKIP, 1);
-	if (ret < 0)
-		WARN("%s - Failed to turn on seccomp nop-skip, continuing",
-		     strerror(-ret));
+	if (ret < 0) {
+		errno = -ret;
+		SYSWARN("Failed to turn on seccomp nop-skip, continuing");
+	}
 #endif
 
 	f = fopen(conf->seccomp, "r");
@@ -1203,8 +1209,10 @@ int lxc_seccomp_load(struct lxc_conf *conf)
 	    lxc_log_fd >= 0) {
 		ret = seccomp_export_pfc(conf->seccomp_ctx, lxc_log_fd);
 		/* Just give an warning when export error */
-		if (ret < 0)
-			WARN("%s - Failed to export seccomp filter to log file", strerror(-ret));
+		if (ret < 0) {
+			errno = -ret;
+			SYSWARN("Failed to export seccomp filter to log file");
+		}
 	}
 #endif
 
diff --git a/src/lxc/start.c b/src/lxc/start.c
index 2dae6652a..8359d356a 100644
--- a/src/lxc/start.c
+++ b/src/lxc/start.c
@@ -160,8 +160,7 @@ static int lxc_try_preserve_ns(const int pid, const char *ns)
 			return -EINVAL;
 		}
 
-		WARN("%s - Kernel does not support preserving %s namespaces",
-		     strerror(errno), ns);
+		SYSWARN("Kernel does not support preserving %s namespaces", ns);
 		return -EOPNOTSUPP;
 	}
 
@@ -228,7 +227,7 @@ int lxc_check_inherited(struct lxc_conf *conf, bool closeall,
 restart:
 	dir = opendir("/proc/self/fd");
 	if (!dir) {
-		WARN("%s - Failed to open directory", strerror(errno));
+		SYSWARN("Failed to open directory");
 		return -1;
 	}
 
@@ -987,7 +986,7 @@ void lxc_fini(const char *name, struct lxc_handler *handler)
 	/* Reset mask set by setup_signal_fd. */
 	ret = pthread_sigmask(SIG_SETMASK, &handler->oldmask, NULL);
 	if (ret < 0)
-		WARN("%s - Failed to restore signal mask", strerror(errno));
+		SYSWARN("Failed to restore signal mask");
 
 	lxc_terminal_delete(&handler->conf->console);
 	lxc_delete_tty(&handler->conf->ttys);
diff --git a/src/lxc/storage/btrfs.c b/src/lxc/storage/btrfs.c
index f30dc4703..ad5d51e7e 100644
--- a/src/lxc/storage/btrfs.c
+++ b/src/lxc/storage/btrfs.c
@@ -132,8 +132,7 @@ int btrfs_list_get_path_rootid(int fd, u64 *treeid)
 
 	ret = ioctl(fd, BTRFS_IOC_INO_LOOKUP, &args);
 	if (ret < 0) {
-		WARN("Warning: can't perform the search -%s\n",
-				strerror(errno));
+		SYSWARN("Warning: can't perform the search");
 		return ret;
 	}
 	*treeid = args.treeid;
diff --git a/src/lxc/storage/overlay.c b/src/lxc/storage/overlay.c
index 7acb9eac1..0d1f81820 100644
--- a/src/lxc/storage/overlay.c
+++ b/src/lxc/storage/overlay.c
@@ -786,9 +786,9 @@ int ovl_mkdir(const struct mntent *mntent, const struct lxc_rootfs *rootfs,
 		else if (!strncmp(upperdir, lxcpath, dirlen) &&
 			 strncmp(upperdir, rootfs_dir, rootfslen))
 			ret = mkdir_p(upperdir, 0755);
+
 		if (ret < 0)
-			WARN("Failed to create directory \"%s\": %s", upperdir,
-			     strerror(errno));
+			SYSWARN("Failed to create directory \"%s\"", upperdir);
 	}
 
 	ret = 0;
@@ -798,9 +798,9 @@ int ovl_mkdir(const struct mntent *mntent, const struct lxc_rootfs *rootfs,
 		else if (!strncmp(workdir, lxcpath, dirlen) &&
 			 strncmp(workdir, rootfs_dir, rootfslen))
 			ret = mkdir_p(workdir, 0755);
+
 		if (ret < 0)
-			WARN("Failed to create directory \"%s\": %s", workdir,
-			     strerror(errno));
+			SYSWARN("Failed to create directory \"%s\"", workdir);
 	}
 
 	fret = 0;
diff --git a/src/lxc/terminal.c b/src/lxc/terminal.c
index e1089acf3..b942e4921 100644
--- a/src/lxc/terminal.c
+++ b/src/lxc/terminal.c
@@ -209,7 +209,7 @@ void lxc_terminal_signal_fini(struct lxc_terminal_state *ts)
 		close(ts->sigfd);
 
 		if (pthread_sigmask(SIG_SETMASK, &ts->oldmask, NULL) < 0)
-			WARN("%s - Failed to restore signal mask", strerror(errno));
+			SYSWARN("Failed to restore signal mask");
 	}
 
 	if (isatty(ts->stdinfd))
@@ -771,7 +771,7 @@ void lxc_terminal_delete(struct lxc_terminal *terminal)
 	if (terminal->tios && terminal->peer >= 0) {
 		ret = tcsetattr(terminal->peer, TCSAFLUSH, terminal->tios);
 		if (ret < 0)
-			WARN("%s - Failed to set old terminal settings", strerror(errno));
+			SYSWARN("Failed to set old terminal settings");
 	}
 	free(terminal->tios);
 	terminal->tios = NULL;
@@ -1106,8 +1106,7 @@ int lxc_console(struct lxc_container *c, int ttynum,
 	if (istty) {
 		istty = tcsetattr(stdinfd, TCSAFLUSH, &oldtios);
 		if (istty < 0)
-			WARN("%s - Failed to restore terminal properties",
-			     strerror(errno));
+			SYSWARN("Failed to restore terminal properties");
 	}
 
 close_mainloop:

From 7874d81a4df7f75391f3afb70b765d011a245dc4 Mon Sep 17 00:00:00 2001
From: 2xsec <dh48.jeong at samsung.com>
Date: Tue, 26 Jun 2018 14:33:17 +0900
Subject: [PATCH 2/4] log: change DEBUG, INFO, TRACE, NOTICE macro using
 strerror to SYS* macro

Signed-off-by: 2xsec <dh48.jeong at samsung.com>
---
 src/lxc/cmd/lxc_init.c          | 14 +++++---------
 src/lxc/cmd/lxc_monitord.c      |  2 +-
 src/lxc/commands.c              |  4 ++--
 src/lxc/conf.c                  | 15 ++++++---------
 src/lxc/initutils.c             |  3 ++-
 src/lxc/storage/overlay.c       |  6 +++---
 src/lxc/storage/storage_utils.c |  2 +-
 src/lxc/terminal.c              | 13 ++++++-------
 src/lxc/utils.c                 |  3 ++-
 9 files changed, 28 insertions(+), 34 deletions(-)

diff --git a/src/lxc/cmd/lxc_init.c b/src/lxc/cmd/lxc_init.c
index 2f0303451..65c765c35 100644
--- a/src/lxc/cmd/lxc_init.c
+++ b/src/lxc/cmd/lxc_init.c
@@ -335,9 +335,8 @@ int main(int argc, char *argv[])
 
 			sigerr = signal(i, SIG_DFL);
 			if (sigerr == SIG_ERR) {
-				DEBUG("%s - Failed to reset to default action "
-				      "for signal \"%d\": %d", strerror(errno),
-				      i, pid);
+				SYSDEBUG("Failed to reset to default action "
+				         "for signal \"%d\": %d", i, pid);
 			}
 		}
 
@@ -409,8 +408,7 @@ int main(int argc, char *argv[])
 				} else {
 					ret = kill(-1, SIGTERM);
 					if (ret < 0)
-						DEBUG("%s - Failed to send SIGTERM to "
-						      "all children", strerror(errno));
+						SYSDEBUG("Failed to send SIGTERM to all children");
 				}
 				alarm(1);
 			}
@@ -424,16 +422,14 @@ int main(int argc, char *argv[])
 			} else {
 				ret = kill(-1, SIGKILL);
 				if (ret < 0)
-					DEBUG("%s - Failed to send SIGTERM to "
-					      "all children", strerror(errno));
+					SYSDEBUG("Failed to send SIGTERM to all children");
 			}
 			break;
 		}
 		default:
 			ret = kill(pid, was_interrupted);
 			if (ret < 0)
-				DEBUG("%s - Failed to send signal \"%d\" to "
-				      "%d", strerror(errno), was_interrupted, pid);
+				SYSDEBUG("Failed to send signal \"%d\" to %d", was_interrupted, pid);
 			break;
 		}
 		ret = EXIT_SUCCESS;
diff --git a/src/lxc/cmd/lxc_monitord.c b/src/lxc/cmd/lxc_monitord.c
index 96f530fec..4f8db5707 100644
--- a/src/lxc/cmd/lxc_monitord.c
+++ b/src/lxc/cmd/lxc_monitord.c
@@ -91,7 +91,7 @@ static int lxc_monitord_fifo_create(struct lxc_monitor *mon)
 
 	ret = mknod(fifo_path, S_IFIFO|S_IRUSR|S_IWUSR, 0);
 	if (ret < 0 && errno != EEXIST) {
-		INFO("Failed to mknod monitor fifo %s: %s.", fifo_path, strerror(errno));
+		SYSINFO("Failed to mknod monitor fifo %s", fifo_path);
 		return -1;
 	}
 
diff --git a/src/lxc/commands.c b/src/lxc/commands.c
index ca77affd4..53015a0cd 100644
--- a/src/lxc/commands.c
+++ b/src/lxc/commands.c
@@ -307,8 +307,8 @@ static int lxc_cmd(const char *name, struct lxc_cmd_rr *cmd, int *stopped,
 
 	client_fd = lxc_cmd_send(name, cmd, lxcpath, hashed_sock_name);
 	if (client_fd < 0) {
-		TRACE("%s - Command \"%s\" failed to connect command socket",
-		      strerror(errno), lxc_cmd_str(cmd->req.cmd));
+		SYSTRACE("Command \"%s\" failed to connect command socket",
+		         lxc_cmd_str(cmd->req.cmd));
 
 		if (client_fd == -ECONNREFUSED)
 			*stopped = 1;
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index cc97ea9d1..763a2cb76 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -1942,9 +1942,8 @@ static int mount_entry(const char *fsname, const char *target,
 			 rootfs);
 	if (ret < 0) {
 		if (optional) {
-			INFO("%s - Failed to mount \"%s\" on \"%s\" "
-			     "(optional)", strerror(errno),
-			     srcpath ? srcpath : "(null)", target);
+			SYSINFO("Failed to mount \"%s\" on \"%s\" (optional)",
+			        srcpath ? srcpath : "(null)", target);
 			return 0;
 		}
 
@@ -2000,10 +1999,8 @@ static int mount_entry(const char *fsname, const char *target,
 		ret = mount(srcpath, target, fstype, mountflags | MS_REMOUNT, data);
 		if (ret < 0) {
 			if (optional) {
-				INFO("Failed to mount \"%s\" on \"%s\" "
-				     "(optional): %s",
-				     srcpath ? srcpath : "(null)", target,
-				     strerror(errno));
+				SYSINFO("Failed to mount \"%s\" on \"%s\" (optional)",
+				        srcpath ? srcpath : "(null)", target);
 				return 0;
 			}
 
@@ -2017,8 +2014,8 @@ static int mount_entry(const char *fsname, const char *target,
 		ret = mount(NULL, target, NULL, pflags, NULL);
 		if (ret < 0) {
 			if (optional) {
-				INFO("%s - Failed to change mount propagation "
-				     "for \"%s\" (optional)", strerror(errno), target);
+				SYSINFO("Failed to change mount propagation "
+				        "for \"%s\" (optional)", target);
 				return 0;
 			} else {
 				SYSERROR("Failed to change mount propagation "
diff --git a/src/lxc/initutils.c b/src/lxc/initutils.c
index b95bffdfe..4ca2ce197 100644
--- a/src/lxc/initutils.c
+++ b/src/lxc/initutils.c
@@ -21,6 +21,7 @@
  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
  */
 
+#define _GNU_SOURCE
 #include <sys/prctl.h>
 
 #include "initutils.h"
@@ -364,7 +365,7 @@ int setproctitle(char *title)
 	if (ret == 0)
 		(void)strlcpy((char*)arg_start, title, len);
 	else
-		INFO("setting cmdline failed - %s", strerror(errno));
+		SYSINFO("setting cmdline failed");
 
 	return ret;
 }
diff --git a/src/lxc/storage/overlay.c b/src/lxc/storage/overlay.c
index 0d1f81820..05d1a3fe0 100644
--- a/src/lxc/storage/overlay.c
+++ b/src/lxc/storage/overlay.c
@@ -636,9 +636,9 @@ int ovl_mount(struct lxc_storage *bdev)
 	ret = ovl_remount_on_enodev(lower, bdev->dest, ovl_name,
 				    MS_MGC_VAL | mntflags, options_work);
 	if (ret < 0) {
-		INFO("Failed to mount \"%s\" on \"%s\" with options \"%s\". "
-		     "Retrying without workdir: %s",
-		     lower, bdev->dest, options_work, strerror(errno));
+		SYSINFO("Failed to mount \"%s\" on \"%s\" with options \"%s\". "
+		        "Retrying without workdir",
+		        lower, bdev->dest, options_work);
 
 		/* Assume we cannot use a workdir as we are on a version <= v21.
 		 */
diff --git a/src/lxc/storage/storage_utils.c b/src/lxc/storage/storage_utils.c
index fa8dfaf41..b0a190438 100644
--- a/src/lxc/storage/storage_utils.c
+++ b/src/lxc/storage/storage_utils.c
@@ -385,7 +385,7 @@ int find_fstype_cb(char *buffer, void *data)
 	}
 
 	if (mount(cbarg->rootfs, cbarg->target, fstype, mntflags, mntdata)) {
-		DEBUG("mount failed with error: %s", strerror(errno));
+		SYSDEBUG("mount failed with error");
 		free(mntdata);
 		return 0;
 	}
diff --git a/src/lxc/terminal.c b/src/lxc/terminal.c
index b942e4921..06c04ab0b 100644
--- a/src/lxc/terminal.c
+++ b/src/lxc/terminal.c
@@ -163,8 +163,7 @@ struct lxc_terminal_state *lxc_terminal_signal_init(int srcfd, int dstfd)
 		lxc_list_add_tail(&lxc_ttys, &ts->node);
 		ret = sigaddset(&mask, SIGWINCH);
 		if (ret < 0)
-			NOTICE("%s - Failed to add SIGWINCH to signal set",
-			       strerror(errno));
+			SYSNOTICE("Failed to add SIGWINCH to signal set");
 	}
 
 	/* Exit the mainloop cleanly on SIGTERM. */
@@ -411,9 +410,10 @@ int lxc_terminal_io_cb(int fd, uint32_t events, void *data,
 	if (w != r)
 		WARN("Short write on terminal r:%d != w:%d", r, w);
 
-	if (w_rbuf < 0)
-		TRACE("%s - Failed to write %d bytes to terminal ringbuffer",
-		      strerror(-w_rbuf), r);
+	if (w_rbuf < 0) {
+		errno = -w_rbuf;
+		SYSTRACE("Failed to write %d bytes to terminal ringbuffer", r);
+	}
 
 	if (w_log < 0)
 		TRACE("Failed to write %d bytes to terminal log", r);
@@ -681,8 +681,7 @@ static int lxc_terminal_peer_default(struct lxc_terminal *terminal)
 	if (terminal->peer < 0) {
 		if (!terminal->path) {
 			errno = ENODEV;
-			DEBUG("%s - The process does not have a controlling "
-			      "terminal", strerror(errno));
+			SYSDEBUG("The process does not have a controlling terminal");
 			goto on_succes;
 		}
 
diff --git a/src/lxc/utils.c b/src/lxc/utils.c
index 42bdbf60d..39676c7e0 100644
--- a/src/lxc/utils.c
+++ b/src/lxc/utils.c
@@ -1080,7 +1080,8 @@ int randseed(bool srand_it)
 	if (f) {
 		int ret = fread(&seed, sizeof(seed), 1, f);
 		if (ret != 1)
-			DEBUG("unable to fread /dev/urandom, %s, fallback to time+pid rand seed", strerror(errno));
+			SYSDEBUG("unable to fread /dev/urandom, fallback to time+pid rand seed");
+
 		fclose(f);
 	}
 

From b5be6a7caa237450404751e2f23964c18eb438b7 Mon Sep 17 00:00:00 2001
From: 2xsec <dh48.jeong at samsung.com>
Date: Tue, 26 Jun 2018 14:41:54 +0900
Subject: [PATCH 3/4] log: remove strerror() from SYSERROR call

Signed-off-by: 2xsec <dh48.jeong at samsung.com>
---
 src/lxc/cmd/lxc_monitord.c | 2 +-
 src/lxc/lsm/lsm.c          | 3 +--
 src/lxc/monitor.c          | 2 +-
 src/lxc/storage/overlay.c  | 5 ++---
 4 files changed, 5 insertions(+), 7 deletions(-)

diff --git a/src/lxc/cmd/lxc_monitord.c b/src/lxc/cmd/lxc_monitord.c
index 4f8db5707..e2124953c 100644
--- a/src/lxc/cmd/lxc_monitord.c
+++ b/src/lxc/cmd/lxc_monitord.c
@@ -300,7 +300,7 @@ static int lxc_monitord_fifo_handler(int fd, uint32_t events, void *data,
 
 	ret = read(fd, &msglxc, sizeof(msglxc));
 	if (ret != sizeof(msglxc)) {
-		SYSERROR("Reading from fifo failed: %s.", strerror(errno));
+		SYSERROR("Reading from fifo failed");
 		return LXC_MAINLOOP_CLOSE;
 	}
 
diff --git a/src/lxc/lsm/lsm.c b/src/lxc/lsm/lsm.c
index e404002d6..3f71cdd73 100644
--- a/src/lxc/lsm/lsm.c
+++ b/src/lxc/lsm/lsm.c
@@ -112,8 +112,7 @@ int lsm_process_label_fd_get(pid_t pid, bool on_exec)
 
 	labelfd = open(path, O_RDWR);
 	if (labelfd < 0) {
-		SYSERROR("%s - Unable to %s LSM label file descriptor",
-			 name, strerror(errno));
+		SYSERROR("Unable to %s LSM label file descriptor", name);
 		return -1;
 	}
 
diff --git a/src/lxc/monitor.c b/src/lxc/monitor.c
index 5c866ae84..2bd3a451e 100644
--- a/src/lxc/monitor.c
+++ b/src/lxc/monitor.c
@@ -261,7 +261,7 @@ int lxc_monitor_read_fdset(struct pollfd *fds, nfds_t nfds, struct lxc_msg *msg,
 			fds[i].revents = 0;
 			ret = recv(fds[i].fd, msg, sizeof(*msg), 0);
 			if (ret <= 0) {
-				SYSERROR("Failed to receive message. Did monitord die?: %s.", strerror(errno));
+				SYSERROR("Failed to receive message. Did monitord die?");
 				return -1;
 			}
 			return ret;
diff --git a/src/lxc/storage/overlay.c b/src/lxc/storage/overlay.c
index 05d1a3fe0..a426a0219 100644
--- a/src/lxc/storage/overlay.c
+++ b/src/lxc/storage/overlay.c
@@ -645,9 +645,8 @@ int ovl_mount(struct lxc_storage *bdev)
 		ret = ovl_remount_on_enodev(lower, bdev->dest, ovl_name,
 					    MS_MGC_VAL | mntflags, options);
 		if (ret < 0)
-			SYSERROR("Failed to mount \"%s\" on \"%s\" with "
-				 "options \"%s\": %s",
-				 lower, bdev->dest, options, strerror(errno));
+			SYSERROR("Failed to mount \"%s\" on \"%s\" with options \"%s\"",
+			         lower, bdev->dest, options);
 		else
 			INFO("Mounted \"%s\" on \"%s\" with options \"%s\"",
 			     lower, bdev->dest, options);

From 6d1400b572630247347318a2df2d8ee5219cabc5 Mon Sep 17 00:00:00 2001
From: 2xsec <dh48.jeong at samsung.com>
Date: Tue, 26 Jun 2018 17:16:37 +0900
Subject: [PATCH 4/4] log: change ERROR macro using sterror to SYSERROR

Signed-off-by: 2xsec <dh48.jeong at samsung.com>
---
 src/lxc/caps.c             |  34 ++++++-------
 src/lxc/cmd/lxc_init.c     |   5 +-
 src/lxc/cmd/lxc_monitord.c |   6 +--
 src/lxc/commands.c         |  35 ++++++-------
 src/lxc/commands_utils.c   |   2 +-
 src/lxc/conf.c             |  12 ++---
 src/lxc/confile.c          |  15 +++---
 src/lxc/confile_utils.c    |   3 +-
 src/lxc/criu.c             |   2 +-
 src/lxc/log.c              |  11 ++---
 src/lxc/lxccontainer.c     |  16 +++---
 src/lxc/monitor.c          |   7 +--
 src/lxc/namespace.c        |   3 +-
 src/lxc/network.c          | 120 +++++++++++++++++++++++++--------------------
 src/lxc/seccomp.c          |  36 ++++++++------
 src/lxc/start.c            |  12 ++---
 src/lxc/storage/btrfs.c    |  11 ++---
 src/lxc/sync.c             |   8 +--
 src/lxc/terminal.c         |   3 +-
 src/lxc/utils.c            |   4 +-
 20 files changed, 181 insertions(+), 164 deletions(-)

diff --git a/src/lxc/caps.c b/src/lxc/caps.c
index 9e6a08a9f..7b1848f63 100644
--- a/src/lxc/caps.c
+++ b/src/lxc/caps.c
@@ -75,19 +75,19 @@ int lxc_caps_down(void)
 
 	caps = cap_get_proc();
 	if (!caps) {
-		ERROR("failed to cap_get_proc: %s", strerror(errno));
+		SYSERROR("Failed to cap_get_proc");
 		return -1;
 	}
 
 	ret = cap_clear_flag(caps, CAP_EFFECTIVE);
 	if (ret) {
-		ERROR("failed to cap_clear_flag: %s", strerror(errno));
+		SYSERROR("Failed to cap_clear_flag");
 		goto out;
 	}
 
 	ret = cap_set_proc(caps);
 	if (ret) {
-		ERROR("failed to cap_set_proc: %s", strerror(errno));
+		SYSERROR("Failed to cap_set_proc");
 		goto out;
 	}
 
@@ -109,7 +109,7 @@ int lxc_caps_up(void)
 
 	caps = cap_get_proc();
 	if (!caps) {
-		ERROR("failed to cap_get_proc: %s", strerror(errno));
+		SYSERROR("Failed to cap_get_proc");
 		return -1;
 	}
 
@@ -123,22 +123,21 @@ int lxc_caps_up(void)
 				INFO("Last supported cap was %d", cap-1);
 				break;
 			} else {
-				ERROR("failed to cap_get_flag: %s",
-				      strerror(errno));
+				SYSERROR("Failed to cap_get_flag");
 				goto out;
 			}
 		}
 
 		ret = cap_set_flag(caps, CAP_EFFECTIVE, 1, &cap, flag);
 		if (ret) {
-			ERROR("failed to cap_set_flag: %s", strerror(errno));
+			SYSERROR("Failed to cap_set_flag");
 			goto out;
 		}
 	}
 
 	ret = cap_set_proc(caps);
 	if (ret) {
-		ERROR("failed to cap_set_proc: %s", strerror(errno));
+		SYSERROR("Failed to cap_set_proc");
 		goto out;
 	}
 
@@ -270,26 +269,22 @@ int lxc_caps_init(void)
 		INFO("command is run as setuid root (uid : %d)", uid);
 
 		if (prctl(PR_SET_KEEPCAPS, 1)) {
-			ERROR("failed to 'PR_SET_KEEPCAPS': %s",
-			      strerror(errno));
+			SYSERROR("Failed to 'PR_SET_KEEPCAPS'");
 			return -1;
 		}
 
 		if (setresgid(gid, gid, gid)) {
-			ERROR("failed to change gid to '%d': %s", gid,
-			      strerror(errno));
+			SYSERROR("Failed to change gid to '%d'", gid);
 			return -1;
 		}
 
 		if (setresuid(uid, uid, uid)) {
-			ERROR("failed to change uid to '%d': %s", uid,
-			      strerror(errno));
+			SYSERROR("Failed to change uid to '%d'", uid);
 			return -1;
 		}
 
 		if (lxc_caps_up()) {
-			ERROR("failed to restore capabilities: %s",
-			      strerror(errno));
+			SYSERROR("Failed to restore capabilities");
 			return -1;
 		}
 	}
@@ -350,7 +345,7 @@ static bool lxc_cap_is_set(cap_t caps, cap_value_t cap, cap_flag_t flag)
 
 	ret = cap_get_flag(caps, cap, flag, &flagval);
 	if (ret < 0) {
-		ERROR("Failed to perform cap_get_flag(): %s.", strerror(errno));
+		SYSERROR("Failed to perform cap_get_flag()");
 		return false;
 	}
 
@@ -371,7 +366,8 @@ bool lxc_file_cap_is_set(const char *path, cap_value_t cap, cap_flag_t flag)
 		 * case errno will be set to ENODATA.
 		 */
 		if (errno != ENODATA)
-			ERROR("Failed to perform cap_get_file(): %s.\n", strerror(errno));
+			SYSERROR("Failed to perform cap_get_file()");
+
 		return false;
 	}
 
@@ -391,7 +387,7 @@ bool lxc_proc_cap_is_set(cap_value_t cap, cap_flag_t flag)
 
 	caps = cap_get_proc();
 	if (!caps) {
-		ERROR("Failed to perform cap_get_proc(): %s.\n", strerror(errno));
+		SYSERROR("Failed to perform cap_get_proc()");
 		return false;
 	}
 
diff --git a/src/lxc/cmd/lxc_init.c b/src/lxc/cmd/lxc_init.c
index 65c765c35..651e9cb16 100644
--- a/src/lxc/cmd/lxc_init.c
+++ b/src/lxc/cmd/lxc_init.c
@@ -356,7 +356,7 @@ int main(int argc, char *argv[])
 		NOTICE("Exec'ing \"%s\"", my_args.argv[0]);
 
 		ret = execvp(my_args.argv[0], my_args.argv);
-		ERROR("%s - Failed to exec \"%s\"", strerror(errno), my_args.argv[0]);
+		SYSERROR("Failed to exec \"%s\"", my_args.argv[0]);
 		exit(ret);
 	}
 
@@ -443,8 +443,7 @@ int main(int argc, char *argv[])
 			if (errno == EINTR)
 				continue;
 
-			ERROR("%s - Failed to wait on child %d",
-			      strerror(errno), pid);
+			SYSERROR("Failed to wait on child %d", pid);
 			goto out;
 		}
 
diff --git a/src/lxc/cmd/lxc_monitord.c b/src/lxc/cmd/lxc_monitord.c
index e2124953c..298f431ef 100644
--- a/src/lxc/cmd/lxc_monitord.c
+++ b/src/lxc/cmd/lxc_monitord.c
@@ -241,7 +241,7 @@ static int lxc_monitord_sock_create(struct lxc_monitor *mon)
 
 	fd = lxc_abstract_unix_open(addr.sun_path, SOCK_STREAM, O_TRUNC);
 	if (fd < 0) {
-		ERROR("Failed to open unix socket: %s.", strerror(errno));
+		SYSERROR("Failed to open unix socket");
 		return -1;
 	}
 
@@ -307,8 +307,8 @@ static int lxc_monitord_fifo_handler(int fd, uint32_t events, void *data,
 	for (i = 0; i < mon->clientfds_cnt; i++) {
 		ret = write(mon->clientfds[i], &msglxc, sizeof(msglxc));
 		if (ret < 0)
-			ERROR("Failed to send message to client file descriptor %d: %s.",
-			      mon->clientfds[i], strerror(errno));
+			SYSERROR("Failed to send message to client file descriptor %d",
+			         mon->clientfds[i]);
 	}
 
 	return LXC_MAINLOOP_CONTINUE;
diff --git a/src/lxc/commands.c b/src/lxc/commands.c
index 53015a0cd..22275277b 100644
--- a/src/lxc/commands.c
+++ b/src/lxc/commands.c
@@ -165,9 +165,8 @@ static int lxc_cmd_rsp_recv(int sock, struct lxc_cmd_rr *cmd)
 	if ((rsp->datalen > LXC_CMD_DATA_MAX) &&
 	    (cmd->req.cmd != LXC_CMD_CONSOLE_LOG)) {
 		errno = EFBIG;
-		ERROR("%s - Response data for command \"%s\" is too long: %d "
-		      "bytes > %d", strerror(errno), lxc_cmd_str(cmd->req.cmd),
-		      rsp->datalen, LXC_CMD_DATA_MAX);
+		SYSERROR("Response data for command \"%s\" is too long: %d bytes > %d",
+		         lxc_cmd_str(cmd->req.cmd), rsp->datalen, LXC_CMD_DATA_MAX);
 		return -EFBIG;
 	}
 
@@ -179,15 +178,15 @@ static int lxc_cmd_rsp_recv(int sock, struct lxc_cmd_rr *cmd)
 	}
 	if (!rsp->data) {
 		errno = ENOMEM;
-		ERROR("%s - Failed to allocate response buffer for command "
-		      "\"%s\"", strerror(errno), lxc_cmd_str(cmd->req.cmd));
+		SYSERROR("Failed to allocate response buffer for command \"%s\"",
+		         lxc_cmd_str(cmd->req.cmd));
 		return -ENOMEM;
 	}
 
 	ret = recv(sock, rsp->data, rsp->datalen, 0);
 	if (ret != rsp->datalen) {
-		ERROR("%s - Failed to receive response data for command \"%s\"",
-		      lxc_cmd_str(cmd->req.cmd), strerror(errno));
+		SYSERROR("Failed to receive response data for command \"%s\"",
+		         lxc_cmd_str(cmd->req.cmd));
 		if (ret >= 0)
 			ret = -1;
 	}
@@ -209,8 +208,7 @@ static int lxc_cmd_rsp_send(int fd, struct lxc_cmd_rsp *rsp)
 
 	ret = send(fd, rsp, sizeof(*rsp), 0);
 	if (ret < 0 || (size_t)ret != sizeof(*rsp)) {
-		ERROR("%s - Failed to send command response %zd",
-		      strerror(errno), ret);
+		SYSERROR("Failed to send command response %zd", ret);
 		return -1;
 	}
 
@@ -621,8 +619,8 @@ int lxc_cmd_stop(const char *name, const char *lxcpath)
 	 * closed.
 	 */
 	if (ret > 0) {
-		ERROR("%s - Failed to stop container \"%s\"",
-		      strerror(-cmd.rsp.ret), name);
+		errno = -cmd.rsp.ret;
+		SYSERROR("Failed to stop container \"%s\"", name);
 		return -1;
 	}
 
@@ -713,7 +711,8 @@ int lxc_cmd_console(const char *name, int *ttynum, int *fd, const char *lxcpath)
 		return ret;
 
 	if (cmd.rsp.ret < 0) {
-		ERROR("%s - Denied access to tty", strerror(-cmd.rsp.ret));
+		errno = -cmd.rsp.ret;
+		SYSERROR("Denied access to tty");
 		ret = -1;
 		goto out;
 	}
@@ -865,7 +864,8 @@ int lxc_cmd_add_state_client(const char *name, const char *lxcpath,
 
 	if (ret < 0) {
 		if (errno != ECONNREFUSED)
-			ERROR("%s - Failed to execute command", strerror(errno));
+			SYSERROR("Failed to execute command");
+
 		return -1;
 	}
 
@@ -873,7 +873,8 @@ int lxc_cmd_add_state_client(const char *name, const char *lxcpath,
 	 * function.
 	 */
 	if (cmd.rsp.ret < 0) {
-		ERROR("%s - Failed to receive socket fd", strerror(-cmd.rsp.ret));
+		errno = -cmd.rsp.ret;
+		SYSERROR("Failed to receive socket fd");
 		return -1;
 	}
 
@@ -1012,7 +1013,7 @@ int lxc_cmd_serve_state_clients(const char *name, const char *lxcpath,
 
 	ret = lxc_cmd(name, &cmd, &stopped, lxcpath, NULL);
 	if (ret < 0) {
-		ERROR("%s - Failed to execute command", strerror(errno));
+		SYSERROR("Failed to execute command");
 		return -1;
 	}
 
@@ -1246,10 +1247,10 @@ int lxc_cmd_init(const char *name, const char *lxcpath, const char *suffix)
 
 	fd = lxc_abstract_unix_open(path, SOCK_STREAM, 0);
 	if (fd < 0) {
-		ERROR("%s - Failed to create command socket %s",
-		      strerror(errno), offset);
+		SYSERROR("Failed to create command socket %s", offset);
 		if (errno == EADDRINUSE)
 			ERROR("Container \"%s\" appears to be already running", name);
+
 		return -1;
 	}
 
diff --git a/src/lxc/commands_utils.c b/src/lxc/commands_utils.c
index 426177ddc..03e481f09 100644
--- a/src/lxc/commands_utils.c
+++ b/src/lxc/commands_utils.c
@@ -69,7 +69,7 @@ int lxc_cmd_sock_rcv_state(int state_client_fd, int timeout)
 			goto again;
 		}
 
-		ERROR("Failed to receive message: %s", strerror(errno));
+		SYSERROR("Failed to receive message");
 		return -1;
 	}
 
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index 763a2cb76..ee0e7bddd 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -932,7 +932,7 @@ static int lxc_setup_ttys(struct lxc_conf *conf)
 			 */
 			ret = mknod(path, S_IFREG | 0000, 0);
 			if (ret < 0) /* this isn't fatal, continue */
-				ERROR("%s - Failed to create \"%s\"", strerror(errno), path);
+				SYSERROR("Failed to create \"%s\"", path);
 
 			ret = mount(tty->name, path, "none", MS_BIND, 0);
 			if (ret < 0) {
@@ -1053,8 +1053,7 @@ static int lxc_send_ttys_to_parent(struct lxc_handler *handler)
 	}
 
 	if (ret < 0)
-		ERROR("Failed to send %zu ttys to parent: %s", ttys->max,
-		      strerror(errno));
+		SYSERROR("Failed to send %zu ttys to parent", ttys->max);
 	else
 		TRACE("Sent %zu ttys to parent", ttys->max);
 
@@ -1659,7 +1658,7 @@ static int lxc_setup_dev_console(const struct lxc_rootfs *rootfs,
 	if (file_exists(path)) {
 		ret = lxc_unstack_mountpoint(path, false);
 		if (ret < 0) {
-			ERROR("Failed to unmount \"%s\": %s", path, strerror(errno));
+			SYSERROR("Failed to unmount \"%s\"", path);
 			return -ret;
 		} else {
 			DEBUG("Cleared all (%d) mounts from \"%s\"", ret, path);
@@ -1738,7 +1737,7 @@ static int lxc_setup_ttydir_console(const struct lxc_rootfs *rootfs,
 	if (file_exists(path)) {
 		ret = lxc_unstack_mountpoint(path, false);
 		if (ret < 0) {
-			ERROR("%s - Failed to unmount \"%s\"", strerror(errno), path);
+			SYSERROR("Failed to unmount \"%s\"", path);
 			return -ret;
 		} else {
 			DEBUG("Cleared all (%d) mounts from \"%s\"", ret, path);
@@ -2529,8 +2528,7 @@ int setup_resource_limits(struct lxc_list *limits, pid_t pid)
 
 #if HAVE_PRLIMIT || HAVE_PRLIMIT64
 		if (prlimit(pid, resid, &lim->limit, NULL) != 0) {
-			ERROR("Failed to set limit %s: %s", lim->resource,
-			      strerror(errno));
+			SYSERROR("Failed to set limit %s", lim->resource);
 			return -1;
 		}
 #else
diff --git a/src/lxc/confile.c b/src/lxc/confile.c
index a07290112..f0041770a 100644
--- a/src/lxc/confile.c
+++ b/src/lxc/confile.c
@@ -2222,8 +2222,9 @@ static int set_config_namespace_clone(const char *key, const char *value,
 		return clr_config_namespace_clone(key, lxc_conf, data);
 
 	if (lxc_conf->ns_keep != 0) {
-		ERROR("%s - Cannot set both \"lxc.namespace.clone\" and "
-		      "\"lxc.namespace.keep\"", strerror(EINVAL));
+		errno = EINVAL;
+		SYSERROR("Cannot set both \"lxc.namespace.clone\" and "
+		         "\"lxc.namespace.keep\"");
 		return -EINVAL;
 	}
 
@@ -2258,8 +2259,9 @@ static int set_config_namespace_keep(const char *key, const char *value,
 		return clr_config_namespace_keep(key, lxc_conf, data);
 
 	if (lxc_conf->ns_clone != 0) {
-		ERROR("%s - Cannot set both \"lxc.namespace.clone\" and "
-		      "\"lxc.namespace.keep\"", strerror(EINVAL));
+		errno = EINVAL;
+		SYSERROR("Cannot set both \"lxc.namespace.clone\" and "
+		         "\"lxc.namespace.keep\"");
 		return -EINVAL;
 	}
 
@@ -4153,8 +4155,9 @@ static struct lxc_config_t *get_network_config_ops(const char *key,
 	/* parse current index */
 	ret = lxc_safe_uint((idx_start + 1), &tmpidx);
 	if (ret < 0) {
-		ERROR("Failed to parse usigned integer from string \"%s\": %s",
-		      idx_start + 1, strerror(-ret));
+		errno = -ret;
+		SYSERROR("Failed to parse usigned integer from string \"%s\"",
+		         idx_start + 1);
 		*idx = ret;
 		goto on_error;
 	}
diff --git a/src/lxc/confile_utils.c b/src/lxc/confile_utils.c
index 30df78d94..a68c6ffd0 100644
--- a/src/lxc/confile_utils.c
+++ b/src/lxc/confile_utils.c
@@ -743,8 +743,7 @@ static int lxc_container_name_to_pid(const char *lxcname_or_pid,
 
 	ret = kill(pid, 0);
 	if (ret < 0) {
-		ERROR("%s - Failed to send signal to pid %d", strerror(errno),
-		      (int)pid);
+		SYSERROR("Failed to send signal to pid %d", (int)pid);
 		return -EPERM;
 	}
 
diff --git a/src/lxc/criu.c b/src/lxc/criu.c
index 9ccd9b2e5..41b0c027f 100644
--- a/src/lxc/criu.c
+++ b/src/lxc/criu.c
@@ -983,7 +983,7 @@ static void do_restore(struct lxc_container *c, int status_pipe, struct migrate_
 
 	ret = resolve_clone_flags(handler);
 	if (ret < 0) {
-		ERROR("%s - Unsupported clone flag specified", strerror(errno));
+		SYSERROR("Unsupported clone flag specified");
 		goto out_fini_handler;
 	}
 
diff --git a/src/lxc/log.c b/src/lxc/log.c
index 46e54a88d..a3ce9f367 100644
--- a/src/lxc/log.c
+++ b/src/lxc/log.c
@@ -416,8 +416,7 @@ static int log_open(const char *name)
 	fd = lxc_unpriv(open(name, O_CREAT | O_WRONLY |
 			     O_APPEND | O_CLOEXEC, 0666));
 	if (fd == -1) {
-		ERROR("failed to open log file \"%s\" : %s", name,
-		      strerror(errno));
+		SYSERROR("Failed to open log file \"%s\"", name);
 		return -1;
 	}
 
@@ -426,7 +425,7 @@ static int log_open(const char *name)
 
 	newfd = fcntl(fd, F_DUPFD_CLOEXEC, 3);
 	if (newfd == -1)
-		ERROR("failed to dup log fd %d : %s", fd, strerror(errno));
+		SYSERROR("Failed to dup log fd %d", fd);
 
 	close(fd);
 	return newfd;
@@ -528,8 +527,7 @@ static int __lxc_log_set_file(const char *fname, int create_dirs)
 	if (create_dirs)
 #endif
 	if (build_dir(fname)) {
-		ERROR("failed to create dir for log file \"%s\" : %s", fname,
-		      strerror(errno));
+		SYSERROR("Failed to create dir for log file \"%s\"", fname);
 		return -1;
 	}
 
@@ -704,8 +702,7 @@ extern int lxc_log_set_file(int *fd, const char *fname)
 	}
 
 	if (build_dir(fname)) {
-		ERROR("failed to create dir for log file \"%s\" : %s", fname,
-				strerror(errno));
+		SYSERROR("Failed to create dir for log file \"%s\"", fname);
 		return -1;
 	}
 
diff --git a/src/lxc/lxccontainer.c b/src/lxc/lxccontainer.c
index e34fdecf2..c5ea78770 100644
--- a/src/lxc/lxccontainer.c
+++ b/src/lxc/lxccontainer.c
@@ -2628,21 +2628,24 @@ static bool mod_rdep(struct lxc_container *c0, struct lxc_container *c, bool inc
 		if (n == 1 && v == 0) {
 			ret = remove(path);
 			if (ret < 0)
-				ERROR("%s - Failed to remove \"%s\"",
-				      strerror(errno), path);
+				SYSERROR("Failed to remove \"%s\"", path);
+
 			n = 0;
 		}
 	}
+
 	if (n == 1) {
 		v += inc ? 1 : -1;
 		f1 = fopen(path, "w");
 		if (!f1)
 			goto out;
+
 		if (fprintf(f1, "%d\n", v) < 0) {
 			ERROR("Error writing new snapshots value");
 			fclose(f1);
 			goto out;
 		}
+
 		ret = fclose(f1);
 		if (ret != 0) {
 			SYSERROR("Error writing to or closing snapshots file");
@@ -2679,7 +2682,6 @@ static bool mod_rdep(struct lxc_container *c0, struct lxc_container *c, bool inc
 			}
 
 			if (fbuf.st_size != 0) {
-
 				buf = lxc_strmmap(NULL, fbuf.st_size, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0);
 				if (buf == MAP_FAILED) {
 					SYSERROR("Failed to create mapping %s", path);
@@ -2706,11 +2708,11 @@ static bool mod_rdep(struct lxc_container *c0, struct lxc_container *c, bool inc
 		/* If the lxc-snapshot file is empty, remove it. */
 		if (stat(path, &fbuf) < 0)
 			goto out;
+
 		if (!fbuf.st_size) {
 			ret = remove(path);
 			if (ret < 0)
 				SYSERROR("Failed to remove \"%s\"", path);
-
 		}
 	}
 
@@ -4415,7 +4417,7 @@ static bool do_add_remove_node(pid_t init_pid, const char *path, bool add,
 	if(ret == 0) {
 		ret = unlink(path);
 		if (ret < 0) {
-			ERROR("%s - Failed to remove \"%s\"", strerror(errno), path);
+			SYSERROR("Failed to remove \"%s\"", path);
 			_exit(EXIT_FAILURE);
 		}
 	}
@@ -4431,7 +4433,7 @@ static bool do_add_remove_node(pid_t init_pid, const char *path, bool add,
 	directory_path = dirname(tmp);
 	ret = mkdir_p(directory_path, 0755);
 	if (ret < 0 && errno != EEXIST) {
-		ERROR("%s - Failed to create path \"%s\"", strerror(errno), directory_path);
+		SYSERROR("Failed to create path \"%s\"", directory_path);
 		free(tmp);
 		_exit(EXIT_FAILURE);
 	}
@@ -4440,7 +4442,7 @@ static bool do_add_remove_node(pid_t init_pid, const char *path, bool add,
 	ret = mknod(path, st->st_mode, st->st_rdev);
 	free(tmp);
 	if (ret < 0) {
-		ERROR("%s - Failed to create device node at \"%s\"", strerror(errno), path);
+		SYSERROR("Failed to create device node at \"%s\"", path);
 		_exit(EXIT_FAILURE);
 	}
 
diff --git a/src/lxc/monitor.c b/src/lxc/monitor.c
index 2bd3a451e..40e54c90b 100644
--- a/src/lxc/monitor.c
+++ b/src/lxc/monitor.c
@@ -221,7 +221,7 @@ int lxc_monitor_open(const char *lxcpath)
 	DEBUG("opening monitor socket %s with len %zu", &addr.sun_path[1], len);
 	if (len >= sizeof(addr.sun_path) - 1) {
 		errno = ENAMETOOLONG;
-		ERROR("name of monitor socket too long (%zu bytes): %s", len, strerror(errno));
+		SYSERROR("The name of monitor socket too long (%zu bytes)", len);
 		return -1;
 	}
 
@@ -229,12 +229,13 @@ int lxc_monitor_open(const char *lxcpath)
 		fd = lxc_abstract_unix_connect(addr.sun_path);
 		if (fd != -1 || errno != ECONNREFUSED)
 			break;
-		ERROR("Failed to connect to monitor socket. Retrying in %d ms: %s", backoff_ms[retry], strerror(errno));
+
+		SYSERROR("Failed to connect to monitor socket. Retrying in %d ms", backoff_ms[retry]);
 		usleep(backoff_ms[retry] * 1000);
 	}
 
 	if (fd < 0) {
-		ERROR("Failed to connect to monitor socket: %s.", strerror(errno));
+		SYSERROR("Failed to connect to monitor socket");
 		return -1;
 	}
 
diff --git a/src/lxc/namespace.c b/src/lxc/namespace.c
index 6f5ea674b..a169f83de 100644
--- a/src/lxc/namespace.c
+++ b/src/lxc/namespace.c
@@ -21,6 +21,7 @@
  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
  */
 
+#define _GNU_SOURCE
 #include <alloca.h>
 #include <errno.h>
 #include <fcntl.h>
@@ -66,7 +67,7 @@ pid_t lxc_clone(int (*fn)(void *), void *arg, int flags)
 	ret = clone(do_clone, stack  + stack_size, flags | SIGCHLD, &clone_arg);
 #endif
 	if (ret < 0)
-		ERROR("Failed to clone (%#x): %s.", flags, strerror(errno));
+		SYSERROR("Failed to clone (%#x)", flags);
 
 	return ret;
 }
diff --git a/src/lxc/network.c b/src/lxc/network.c
index 3f15590b2..e59b85d62 100644
--- a/src/lxc/network.c
+++ b/src/lxc/network.c
@@ -133,8 +133,8 @@ static int instantiate_veth(struct lxc_handler *handler, struct lxc_netdev *netd
 
 	err = lxc_veth_create(veth1, veth2);
 	if (err) {
-		ERROR("Failed to create veth pair \"%s\" and \"%s\": %s", veth1,
-		      veth2, strerror(-err));
+		errno = -err;
+		SYSERROR("Failed to create veth pair \"%s\" and \"%s\"", veth1, veth2);
 		goto out_delete;
 	}
 
@@ -143,8 +143,8 @@ static int instantiate_veth(struct lxc_handler *handler, struct lxc_netdev *netd
 	 * of a container */
 	err = setup_private_host_hw_addr(veth1);
 	if (err) {
-		ERROR("Failed to change mac address of host interface \"%s\": %s",
-		      veth1, strerror(-err));
+		errno = -err;
+		SYSERROR("Failed to change mac address of host interface \"%s\"", veth1);
 		goto out_delete;
 	}
 
@@ -186,10 +186,11 @@ static int instantiate_veth(struct lxc_handler *handler, struct lxc_netdev *netd
 		err = lxc_netdev_set_mtu(veth1, mtu);
 		if (!err)
 			err = lxc_netdev_set_mtu(veth2, mtu);
+
 		if (err) {
-			ERROR("Failed to set mtu \"%d\" for veth pair \"%s\" "
-			      "and \"%s\": %s",
-			      mtu, veth1, veth2, strerror(-err));
+			errno = -err;
+			SYSERROR("Failed to set mtu \"%d\" for veth pair \"%s\" "
+			         "and \"%s\"", mtu, veth1, veth2);
 			goto out_delete;
 		}
 	}
@@ -197,8 +198,9 @@ static int instantiate_veth(struct lxc_handler *handler, struct lxc_netdev *netd
 	if (netdev->link[0] != '\0') {
 		err = lxc_bridge_attach(netdev->link, veth1);
 		if (err) {
-			ERROR("Failed to attach \"%s\" to bridge \"%s\": %s",
-			      veth1, netdev->link, strerror(-err));
+			errno = -err;
+			SYSERROR("Failed to attach \"%s\" to bridge \"%s\"",
+			         veth1, netdev->link);
 			goto out_delete;
 		}
 		INFO("Attached \"%s\" to bridge \"%s\"", veth1, netdev->link);
@@ -206,7 +208,8 @@ static int instantiate_veth(struct lxc_handler *handler, struct lxc_netdev *netd
 
 	err = lxc_netdev_up(veth1);
 	if (err) {
-		ERROR("Failed to set \"%s\" up: %s", veth1, strerror(-err));
+		errno = -err;
+		SYSERROR("Failed to set \"%s\" up", veth1);
 		goto out_delete;
 	}
 
@@ -257,8 +260,9 @@ static int instantiate_macvlan(struct lxc_handler *handler, struct lxc_netdev *n
 	err = lxc_macvlan_create(netdev->link, peer,
 				 netdev->priv.macvlan_attr.mode);
 	if (err) {
-		ERROR("Failed to create macvlan interface \"%s\" on \"%s\": %s",
-		      peer, netdev->link, strerror(-err));
+		errno = -err;
+		SYSERROR("Failed to create macvlan interface \"%s\" on \"%s\"",
+		         peer, netdev->link);
 		goto on_error;
 	}
 
@@ -310,8 +314,9 @@ static int instantiate_vlan(struct lxc_handler *handler, struct lxc_netdev *netd
 
 	err = lxc_vlan_create(netdev->link, peer, netdev->priv.vlan_attr.vid);
 	if (err) {
-		ERROR("Failed to create vlan interface \"%s\" on \"%s\": %s",
-		      peer, netdev->link, strerror(-err));
+		errno = -err;
+		SYSERROR("Failed to create vlan interface \"%s\" on \"%s\"",
+		         peer, netdev->link);
 		return -1;
 	}
 
@@ -331,10 +336,12 @@ static int instantiate_vlan(struct lxc_handler *handler, struct lxc_netdev *netd
 			      netdev->name[0] != '\0' ? netdev->name : "(null)");
 			return -1;
 		}
+
 		err = lxc_netdev_set_mtu(peer, mtu);
 		if (err) {
-			ERROR("Failed to set mtu \"%s\" for \"%s\": %s",
-			      netdev->mtu, peer, strerror(-err));
+			errno = -err;
+			SYSERROR("Failed to set mtu \"%s\" for \"%s\"",
+			         netdev->mtu, peer);
 			lxc_netdev_delete_by_name(peer);
 			return -1;
 		}
@@ -1971,7 +1978,7 @@ char *lxc_mkifname(char *template)
 	/* Get all the network interfaces. */
 	ret = getifaddrs(&ifaddr);
 	if (ret < 0) {
-		ERROR("%s - Failed to get network interfaces", strerror(errno));
+		SYSERROR("Failed to get network interfaces");
 		return NULL;
 	}
 
@@ -2215,8 +2222,8 @@ static int lxc_create_network_unpriv_exec(const char *lxcpath, const char *lxcna
 
 	ret = lxc_safe_int(token, &netdev->ifindex);
 	if (ret < 0) {
-		ERROR("%s - Failed to convert string \"%s\" to integer",
-		      strerror(-ret), token);
+		errno = -ret;
+		SYSERROR("Failed to convert string \"%s\" to integer", token);
 		return -1;
 	}
 
@@ -2243,8 +2250,8 @@ static int lxc_create_network_unpriv_exec(const char *lxcpath, const char *lxcna
 
 	ret = lxc_safe_int(token, &netdev->priv.veth_attr.ifindex);
 	if (ret < 0) {
-		ERROR("%s - Failed to convert string \"%s\" to integer",
-		      strerror(-ret), token);
+		errno = -ret;
+		SYSERROR("Failed to convert string \"%s\" to integer", token);
 		return -1;
 	}
 
@@ -2504,9 +2511,9 @@ int lxc_network_move_created_netdev_priv(const char *lxcpath, const char *lxcnam
 
 		ret = lxc_netdev_move_by_name(ifname, pid, NULL);
 		if (ret) {
-			ERROR("Failed to move network device \"%s\" to "
-			      "network namespace %d: %s", ifname, pid,
-			      strerror(-ret));
+			errno = -ret;
+			SYSERROR("Failed to move network device \"%s\" to "
+			         "network namespace %d", ifname, pid);
 			return -1;
 		}
 
@@ -2756,12 +2763,12 @@ static int setup_hw_addr(char *hwaddr, const char *ifname)
 {
 	struct sockaddr sockaddr;
 	struct ifreq ifr;
-	int ret, fd, saved_errno;
+	int ret, fd;
 
 	ret = lxc_convert_mac(hwaddr, &sockaddr);
 	if (ret) {
-		ERROR("Mac address \"%s\" conversion failed: %s", hwaddr,
-		      strerror(-ret));
+		errno = -ret;
+		SYSERROR("Mac address \"%s\" conversion failed", hwaddr);
 		return -1;
 	}
 
@@ -2774,10 +2781,10 @@ static int setup_hw_addr(char *hwaddr, const char *ifname)
 		return -1;
 
 	ret = ioctl(fd, SIOCSIFHWADDR, &ifr);
-	saved_errno = errno;
-	close(fd);
 	if (ret)
-		ERROR("Failed to perform ioctl: %s", strerror(saved_errno));
+		SYSERROR("Failed to perform ioctl");
+
+	close(fd);
 
 	DEBUG("Mac address \"%s\" on \"%s\" has been setup", hwaddr,
 	      ifr.ifr_name);
@@ -2796,8 +2803,9 @@ static int setup_ipv4_addr(struct lxc_list *ip, int ifindex)
 		err = lxc_ipv4_addr_add(ifindex, &inetdev->addr,
 					&inetdev->bcast, inetdev->prefix);
 		if (err) {
-			ERROR("Failed to setup ipv4 address for network device "
-			      "with eifindex %d: %s", ifindex, strerror(-err));
+			errno = -err;
+			SYSERROR("Failed to setup ipv4 address for network device "
+			         "with eifindex %d", ifindex);
 			return -1;
 		}
 	}
@@ -2817,8 +2825,9 @@ static int setup_ipv6_addr(struct lxc_list *ip, int ifindex)
 					&inet6dev->mcast, &inet6dev->acast,
 					inet6dev->prefix);
 		if (err) {
-			ERROR("Failed to setup ipv6 address for network device "
-			      "with eifindex %d: %s", ifindex, strerror(-err));
+			errno = -err;
+			SYSERROR("Failed to setup ipv6 address for network device "
+			         "with eifindex %d", ifindex);
 			return -1;
 		}
 	}
@@ -2838,9 +2847,8 @@ static int lxc_setup_netdev_in_child_namespaces(struct lxc_netdev *netdev)
 		if (netdev->flags & IFF_UP) {
 			err = lxc_netdev_up("lo");
 			if (err) {
-				ERROR("Failed to set the loopback network "
-				      "device up: %s",
-				      strerror(-err));
+				errno = -err;
+				SYSERROR("Failed to set the loopback network device up");
 				return -1;
 			}
 		}
@@ -2893,8 +2901,9 @@ static int lxc_setup_netdev_in_child_namespaces(struct lxc_netdev *netdev)
 	if (strcmp(ifname, netdev->name) != 0) {
 		err = lxc_netdev_rename_by_name(ifname, netdev->name);
 		if (err) {
-			ERROR("Failed to rename network device \"%s\" to "
-			      "\"%s\": %s", ifname, netdev->name, strerror(-err));
+			errno = -err;
+			SYSERROR("Failed to rename network device \"%s\" to \"%s\"",
+			         ifname, netdev->name);
 			return -1;
 		}
 	}
@@ -2943,16 +2952,17 @@ static int lxc_setup_netdev_in_child_namespaces(struct lxc_netdev *netdev)
 
 		err = lxc_netdev_up(current_ifname);
 		if (err) {
-			ERROR("Failed to set network device \"%s\" up: %s",
-			      current_ifname, strerror(-err));
+			errno = -err;
+			SYSERROR("Failed to set network device \"%s\" up",
+			         current_ifname);
 			return -1;
 		}
 
 		/* the network is up, make the loopback up too */
 		err = lxc_netdev_up("lo");
 		if (err) {
-			ERROR("Failed to set the loopback network device up: %s",
-			      strerror(-err));
+			errno = -err;
+			SYSERROR("Failed to set the loopback network device up");
 			return -1;
 		}
 	}
@@ -2980,15 +2990,17 @@ static int lxc_setup_netdev_in_child_namespaces(struct lxc_netdev *netdev)
 		if (err) {
 			err = lxc_ipv4_dest_add(netdev->ifindex, netdev->ipv4_gateway);
 			if (err) {
-				ERROR("Failed to add ipv4 dest for network "
-				      "device \"%s\": %s", ifname, strerror(-err));
+				errno = -err;
+				SYSERROR("Failed to add ipv4 dest for network device \"%s\"",
+				         ifname);
 			}
 
 			err = lxc_ipv4_gateway_add(netdev->ifindex, netdev->ipv4_gateway);
 			if (err) {
-				ERROR("Failed to setup ipv4 gateway for "
-				      "network device \"%s\": %s",
-				      ifname, strerror(-err));
+				errno = -err;
+				SYSERROR("Failed to setup ipv4 gateway for network device \"%s\"",
+				         ifname);
+
 				if (netdev->ipv4_gateway_auto) {
 					char buf[INET_ADDRSTRLEN];
 					inet_ntop(AF_INET, netdev->ipv4_gateway, buf, sizeof(buf));
@@ -3017,15 +3029,17 @@ static int lxc_setup_netdev_in_child_namespaces(struct lxc_netdev *netdev)
 		if (err) {
 			err = lxc_ipv6_dest_add(netdev->ifindex, netdev->ipv6_gateway);
 			if (err) {
-				ERROR("Failed to add ipv6 dest for network "
-				      "device \"%s\": %s", ifname, strerror(-err));
+				errno = -err;
+				SYSERROR("Failed to add ipv6 dest for network device \"%s\"",
+				         ifname);
 			}
 
 			err = lxc_ipv6_gateway_add(netdev->ifindex, netdev->ipv6_gateway);
 			if (err) {
-				ERROR("Failed to setup ipv6 gateway for "
-				      "network device \"%s\": %s", ifname,
-				      strerror(-err));
+				errno = -err;
+				SYSERROR("Failed to setup ipv6 gateway for network device \"%s\"",
+				         ifname);
+
 				if (netdev->ipv6_gateway_auto) {
 					char buf[INET6_ADDRSTRLEN];
 					inet_ntop(AF_INET6, netdev->ipv6_gateway, buf, sizeof(buf));
diff --git a/src/lxc/seccomp.c b/src/lxc/seccomp.c
index 80a7ef176..81abf62ee 100644
--- a/src/lxc/seccomp.c
+++ b/src/lxc/seccomp.c
@@ -420,7 +420,8 @@ scmp_filter_ctx get_new_ctx(enum lxc_hostarch_t n_arch,
 
 	ret = seccomp_attr_set(ctx, SCMP_FLTATR_CTL_NNP, 0);
 	if (ret < 0) {
-		ERROR("%s - Failed to turn off no-new-privs", strerror(-ret));
+		errno = -ret;
+		SYSERROR("Failed to turn off no-new-privs");
 		seccomp_release(ctx);
 		return NULL;
 	}
@@ -436,17 +437,19 @@ scmp_filter_ctx get_new_ctx(enum lxc_hostarch_t n_arch,
 	ret = seccomp_arch_exist(ctx, arch);
 	if (ret < 0) {
 		if (ret != -EEXIST) {
-			ERROR("%s - Failed to determine whether arch %d is "
-			      "already present in the main seccomp context",
-			      strerror(-ret), (int)n_arch);
+			errno = -ret;
+			SYSERROR("Failed to determine whether arch %d is "
+			         "already present in the main seccomp context",
+			         (int)n_arch);
 			seccomp_release(ctx);
 			return NULL;
 		}
 
 		ret = seccomp_arch_add(ctx, arch);
 		if (ret != 0) {
-			ERROR("%s - Failed to add arch %d to main seccomp context",
-			      strerror(-ret), (int)n_arch);
+			errno = -ret;
+			SYSERROR("Failed to add arch %d to main seccomp context",
+			         (int)n_arch);
 			seccomp_release(ctx);
 			return NULL;
 		}
@@ -477,7 +480,8 @@ bool do_resolve_add_rule(uint32_t arch, char *line, scmp_filter_ctx ctx,
 
 	ret = seccomp_arch_exist(ctx, arch);
 	if (arch && ret != 0) {
-		ERROR("%s - Seccomp: rule and context arch do not match (arch %d)", strerror(-ret), arch);
+		errno = -ret;
+		SYSERROR("Seccomp: rule and context arch do not match (arch %d)", arch);
 		return false;
 	}
 
@@ -491,7 +495,8 @@ bool do_resolve_add_rule(uint32_t arch, char *line, scmp_filter_ctx ctx,
 					     SCMP_SYS(umount2), 1,
 					     SCMP_A1(SCMP_CMP_MASKED_EQ, MNT_FORCE, MNT_FORCE));
 		if (ret < 0) {
-			ERROR("%s - Failed loading rule to reject force umount", strerror(-ret));
+			errno = -ret;
+			SYSERROR("Failed loading rule to reject force umount");
 			return false;
 		}
 
@@ -534,9 +539,9 @@ bool do_resolve_add_rule(uint32_t arch, char *line, scmp_filter_ctx ctx,
 	ret = seccomp_rule_add_exact_array(ctx, rule->action, nr,
 					   rule->args_num, arg_cmp);
 	if (ret < 0) {
-		ERROR("%s - Failed loading rule for %s (nr %d action %d (%s))",
-		      strerror(-ret), line, nr, rule->action,
-		      get_action_name(rule->action));
+		errno = -ret;
+		SYSERROR("Failed loading rule for %s (nr %d action %d (%s))",
+		         line, nr, rule->action, get_action_name(rule->action));
 		return false;
 	}
 
@@ -726,7 +731,8 @@ static int parse_config_v2(FILE *f, char *line, size_t *line_bufsz, struct lxc_c
 
 		ret = seccomp_attr_set(conf->seccomp_ctx, SCMP_FLTATR_CTL_NNP, 0);
 		if (ret < 0) {
-			ERROR("%s - Failed to turn off no-new-privs", strerror(-ret));
+			errno = -ret;
+			SYSERROR("Failed to turn off no-new-privs");
 			return -1;
 		}
 
@@ -1157,7 +1163,8 @@ int lxc_read_seccomp_config(struct lxc_conf *conf)
 	ret = seccomp_attr_set(SCMP_FLTATR_CTL_NNP, 0);
 #endif
 	if (ret < 0) {
-		ERROR("%s - Failed to turn off no-new-privs", strerror(-ret));
+		errno = -ret;
+		SYSERROR("Failed to turn off no-new-privs");
 		return -1;
 	}
 
@@ -1197,7 +1204,8 @@ int lxc_seccomp_load(struct lxc_conf *conf)
 	ret = seccomp_load();
 #endif
 	if (ret < 0) {
-		ERROR("%s- Error loading the seccomp policy", strerror(-ret));
+		errno = -ret;
+		SYSERROR("Error loading the seccomp policy");
 		return -1;
 	}
 
diff --git a/src/lxc/start.c b/src/lxc/start.c
index 8359d356a..9f5f50d53 100644
--- a/src/lxc/start.c
+++ b/src/lxc/start.c
@@ -458,8 +458,7 @@ int lxc_serve_state_clients(const char *name, struct lxc_handler *handler,
 				goto again;
 			}
 
-			ERROR("%s - Failed to send message to client",
-			      strerror(errno));
+			SYSERROR("Failed to send message to client");
 		}
 
 		/* kick client from list */
@@ -1416,9 +1415,9 @@ static int lxc_recv_ttys_from_child(struct lxc_handler *handler)
 		TRACE("Received pty with master fd %d and slave fd %d from "
 		      "parent", tty->master, tty->slave);
 	}
+
 	if (ret < 0)
-		ERROR("Failed to receive %zu ttys from child: %s", ttys->max,
-		      strerror(errno));
+		SYSERROR("Failed to receive %zu ttys from child", ttys->max);
 	else
 		TRACE("Received %zu ttys from child", ttys->max);
 
@@ -1686,7 +1685,7 @@ static int lxc_spawn(struct lxc_handler *handler)
 	ret = lxc_try_preserve_ns(handler->pid, "net");
 	if (ret < 0) {
 		if (ret != -EOPNOTSUPP) {
-			ERROR("%s - Failed to preserve net namespace", strerror(errno));
+			SYSERROR("Failed to preserve net namespace");
 			goto out_delete_net;
 		}
 	} else {
@@ -1755,8 +1754,7 @@ static int lxc_spawn(struct lxc_handler *handler)
 		ret = lxc_try_preserve_ns(handler->pid, "cgroup");
 		if (ret < 0) {
 			if (ret != -EOPNOTSUPP) {
-				ERROR("%s - Failed to preserve cgroup namespace",
-				      strerror(errno));
+				SYSERROR("Failed to preserve cgroup namespace");
 				goto out_delete_net;
 			}
 		} else {
diff --git a/src/lxc/storage/btrfs.c b/src/lxc/storage/btrfs.c
index ad5d51e7e..16abebee4 100644
--- a/src/lxc/storage/btrfs.c
+++ b/src/lxc/storage/btrfs.c
@@ -62,7 +62,7 @@ char *get_btrfs_subvol_path(int fd, u64 dir_id, u64 objid, char *name,
 			    int name_len)
 {
 	struct btrfs_ioctl_ino_lookup_args args;
-	int ret, e;
+	int ret;
 	size_t len, retlen;
 	char *retpath;
 
@@ -71,12 +71,11 @@ char *get_btrfs_subvol_path(int fd, u64 dir_id, u64 objid, char *name,
 	args.objectid = objid;
 
 	ret = ioctl(fd, BTRFS_IOC_INO_LOOKUP, &args);
-	e = errno;
 	if (ret) {
-		ERROR("Failed to lookup path for %llu %llu %s - %s\n",
-				 (unsigned long long) dir_id,
-				 (unsigned long long) objid,
-				 name, strerror(e));
+		SYSERROR("Failed to lookup path for %llu %llu %s",
+		         (unsigned long long) dir_id,
+		         (unsigned long long) objid,
+		         name);
 		return NULL;
 	} else
 		INFO("Got path for %llu %llu - %s\n",
diff --git a/src/lxc/sync.c b/src/lxc/sync.c
index adc6fb2c3..f38a56961 100644
--- a/src/lxc/sync.c
+++ b/src/lxc/sync.c
@@ -41,7 +41,7 @@ static int __sync_wait(int fd, int sequence)
 
 	ret = read(fd, &sync, sizeof(sync));
 	if (ret < 0) {
-		ERROR("sync wait failure : %s", strerror(errno));
+		SYSERROR("Sync wait failure");
 		return -1;
 	}
 
@@ -49,7 +49,7 @@ static int __sync_wait(int fd, int sequence)
 		return 0;
 
 	if ((size_t)ret != sizeof(sync)) {
-		ERROR("unexpected sync size: %zu expected %zu", (size_t)ret, sizeof(sync));
+		ERROR("Unexpected sync size: %zu expected %zu", (size_t)ret, sizeof(sync));
 		return -1;
 	}
 
@@ -60,7 +60,7 @@ static int __sync_wait(int fd, int sequence)
 	}
 
 	if (sync != sequence) {
-		ERROR("invalid sequence number %d. expected %d",
+		ERROR("Invalid sequence number %d. expected %d",
 		      sync, sequence);
 		return -1;
 	}
@@ -72,7 +72,7 @@ static int __sync_wake(int fd, int sequence)
 	int sync = sequence;
 
 	if (write(fd, &sync, sizeof(sync)) < 0) {
-		ERROR("sync wake failure : %s", strerror(errno));
+		SYSERROR("Sync wake failure");
 		return -1;
 	}
 	return 0;
diff --git a/src/lxc/terminal.c b/src/lxc/terminal.c
index 06c04ab0b..a3b7c4d96 100644
--- a/src/lxc/terminal.c
+++ b/src/lxc/terminal.c
@@ -685,8 +685,7 @@ static int lxc_terminal_peer_default(struct lxc_terminal *terminal)
 			goto on_succes;
 		}
 
-		ERROR("%s - Failed to open proxy terminal \"%s\"",
-		      strerror(errno), path);
+		SYSERROR("Failed to open proxy terminal \"%s\"", path);
 		return -ENOTTY;
 	}
 	DEBUG("Using terminal \"%s\" as proxy", path);
diff --git a/src/lxc/utils.c b/src/lxc/utils.c
index 39676c7e0..85cc85eda 100644
--- a/src/lxc/utils.c
+++ b/src/lxc/utils.c
@@ -1030,8 +1030,10 @@ int lxc_read_from_file(const char *filename, void* buf, size_t count)
 	if (!buf || !count) {
 		char buf2[100];
 		size_t count2 = 0;
+
 		while ((ret = read(fd, buf2, 100)) > 0)
 			count2 += ret;
+
 		if (ret >= 0)
 			ret = count2;
 	} else {
@@ -1040,7 +1042,7 @@ int lxc_read_from_file(const char *filename, void* buf, size_t count)
 	}
 
 	if (ret < 0)
-		ERROR("read %s: %s", filename, strerror(errno));
+		SYSERROR("Read %s", filename);
 
 	saved_errno = errno;
 	close(fd);


More information about the lxc-devel mailing list