[CRIU] [PATCH] ip: set the close-on-exec flag for descriptors
Pavel Emelyanov
xemul at parallels.com
Tue Jun 4 09:26:06 EDT 2013
On 06/04/2013 02:05 AM, Andrey Vagin wrote:
> Otherwise a program executed by "ip netns exec" has two extra
> descriptors.
>
> $ ip netns exec test /bin/bash
> $ lsof -p $$
> ...
> bash 817 root 0u CHR 136,0 0t0 3 /dev/pts/0
> bash 817 root 1u CHR 136,0 0t0 3 /dev/pts/0
> bash 817 root 2u CHR 136,0 0t0 3 /dev/pts/0
> bash 817 root 3u sock 0,6 0t0 13386 protocol: NETLINK
> bash 817 root 4r REG 0,3 0 4026532155 net
> bash 817 root 255u CHR 136,0 0t0 3 /dev/pts/0
>
> Reported-by: Dilip Daya <dilip.daya at hp.com>
> Signed-off-by: Andrey Vagin <avagin at openvz.org>
This should be sent to Stephen Hemminger.
> ---
> ip/ipnetns.c | 2 +-
> lib/libnetlink.c | 2 +-
> 2 files changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/ip/ipnetns.c b/ip/ipnetns.c
> index c9bc20a..fa2b681 100644
> --- a/ip/ipnetns.c
> +++ b/ip/ipnetns.c
> @@ -150,7 +150,7 @@ static int netns_exec(int argc, char **argv)
> name = argv[0];
> cmd = argv[1];
> snprintf(net_path, sizeof(net_path), "%s/%s", NETNS_RUN_DIR, name);
> - netns = open(net_path, O_RDONLY);
> + netns = open(net_path, O_RDONLY | O_CLOEXEC);
> if (netns < 0) {
> fprintf(stderr, "Cannot open network namespace \"%s\": %s\n",
> name, strerror(errno));
> diff --git a/lib/libnetlink.c b/lib/libnetlink.c
> index b17e1aa..9e2a795 100644
> --- a/lib/libnetlink.c
> +++ b/lib/libnetlink.c
> @@ -43,7 +43,7 @@ int rtnl_open_byproto(struct rtnl_handle *rth, unsigned subscriptions,
>
> memset(rth, 0, sizeof(*rth));
>
> - rth->fd = socket(AF_NETLINK, SOCK_RAW, protocol);
> + rth->fd = socket(AF_NETLINK, SOCK_RAW | SOCK_CLOEXEC, protocol);
> if (rth->fd < 0) {
> perror("Cannot open netlink socket");
> return -1;
>
More information about the CRIU
mailing list