mirror of
https://github.com/privatevoid-net/nix-super.git
synced 2025-01-18 17:16:46 +02:00
Set the close-on-exec flag on file descriptors
This commit is contained in:
parent
7b22bec252
commit
35355fc1fc
5 changed files with 20 additions and 3 deletions
|
@ -492,6 +492,7 @@ void UserLock::acquire()
|
|||
AutoCloseFD fd = open(fnUserLock.c_str(), O_RDWR | O_CREAT, 0600);
|
||||
if (fd == -1)
|
||||
throw SysError(format("opening user lock `%1%'") % fnUserLock);
|
||||
closeOnExec(fd);
|
||||
|
||||
if (lockFile(fd, ltWrite, false)) {
|
||||
fdUserLock = fd.borrow();
|
||||
|
@ -1792,9 +1793,6 @@ void DerivationGoal::startBuilder()
|
|||
if (chdir(tmpDir.c_str()) == -1)
|
||||
throw SysError(format("changing into `%1%'") % tmpDir);
|
||||
|
||||
/* Close all other file descriptors. */
|
||||
closeMostFDs(set<int>());
|
||||
|
||||
#ifdef CAN_DO_LINUX32_BUILDS
|
||||
if (drv.platform == "i686-linux" && thisSystem == "x86_64-linux") {
|
||||
if (personality(0x0008 | 0x8000000 /* == PER_LINUX32_3GB */) == -1)
|
||||
|
@ -2026,6 +2024,7 @@ Path DerivationGoal::openLogFile()
|
|||
O_CREAT | O_WRONLY | O_TRUNC, 0666);
|
||||
if (fdLogFile == -1)
|
||||
throw SysError(format("creating log file `%1%'") % logFileName);
|
||||
closeOnExec(fdLogFile);
|
||||
|
||||
return logFileName;
|
||||
}
|
||||
|
|
|
@ -40,6 +40,7 @@ int LocalStore::openGCLock(LockType lockType)
|
|||
AutoCloseFD fdGCLock = open(fnGCLock.c_str(), O_RDWR | O_CREAT, 0600);
|
||||
if (fdGCLock == -1)
|
||||
throw SysError(format("opening global GC lock `%1%'") % fnGCLock);
|
||||
closeOnExec(fdGCLock);
|
||||
|
||||
if (!lockFile(fdGCLock, lockType, false)) {
|
||||
printMsg(lvlError, format("waiting for the big garbage collector lock..."));
|
||||
|
|
|
@ -20,6 +20,8 @@ int openLockFile(const Path & path, bool create)
|
|||
if (fd == -1 && (create || errno != ENOENT))
|
||||
throw SysError(format("opening lock file `%1%'") % path);
|
||||
|
||||
closeOnExec(fd);
|
||||
|
||||
return fd.borrow();
|
||||
}
|
||||
|
||||
|
|
|
@ -8,6 +8,7 @@
|
|||
#include <cstring>
|
||||
|
||||
#include <sys/wait.h>
|
||||
#include <unistd.h>
|
||||
#include <fcntl.h>
|
||||
#include <limits.h>
|
||||
|
||||
|
@ -683,6 +684,8 @@ void Pipe::create()
|
|||
if (pipe(fds) != 0) throw SysError("creating pipe");
|
||||
readSide = fds[0];
|
||||
writeSide = fds[1];
|
||||
closeOnExec(readSide);
|
||||
closeOnExec(writeSide);
|
||||
}
|
||||
|
||||
|
||||
|
@ -934,6 +937,15 @@ void closeMostFDs(const set<int> & exceptions)
|
|||
}
|
||||
|
||||
|
||||
void closeOnExec(int fd)
|
||||
{
|
||||
int prev;
|
||||
if ((prev = fcntl(fd, F_GETFD, 0)) == -1 ||
|
||||
fcntl(fd, F_SETFD, prev | FD_CLOEXEC) == -1)
|
||||
throw SysError("setting close-on-exec flag");
|
||||
}
|
||||
|
||||
|
||||
void quickExit(int status)
|
||||
{
|
||||
_exit(status);
|
||||
|
|
|
@ -258,6 +258,9 @@ string runProgram(Path program, bool searchPath = false,
|
|||
listed in the given set. Good practice in child processes. */
|
||||
void closeMostFDs(const set<int> & exceptions);
|
||||
|
||||
/* Set the close-on-exec flag for the given file descriptor. */
|
||||
void closeOnExec(int fd);
|
||||
|
||||
/* Wrapper around _exit() on Unix and ExitProcess() on Windows. (On
|
||||
Cygwin, _exit() doesn't seem to do the right thing.) */
|
||||
void quickExit(int status);
|
||||
|
|
Loading…
Reference in a new issue