process 1 process 2
ask kernel if chain X exists ask kernel if chain X exists
--> yes --> yes
ask kernel to delete chain X
--> OK
ask kernel to delete chain X
--> ENOENT
You only get the normal "chain doesn't exist" error message if the initial check fails; if another process deletes the chain after that, then it outputs the raw kernel error. (This can happen in the containernetworking/plugins tests.)
So make IsNotExist recognize "No such file or directory".
With iptables-nft, this can happen:
You only get the normal "chain doesn't exist" error message if the initial check fails; if another process deletes the chain after that, then it outputs the raw kernel error. (This can happen in the containernetworking/plugins tests.)
So make IsNotExist recognize "No such file or directory".
cc @squeed