From 47a71eed0f41c8661361d5506e47d1b223613680 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Wed, 27 Jan 2010 06:18:45 +0100 Subject: [PATCH 1/1] drop O_CLOEXEC/O_NONBLOCK from files intended for forked clients --- execute.c | 37 ++++++++++++++++++++++++++++++++++++- 1 file changed, 36 insertions(+), 1 deletion(-) diff --git a/execute.c b/execute.c index 6b1d4a1da..1ca91fddd 100644 --- a/execute.c +++ b/execute.c @@ -105,6 +105,40 @@ static int shift_fds(int fds[], unsigned n_fds) { return 0; } +static int flags_fds(int fds[], unsigned n_fds) { + unsigned i; + + if (n_fds <= 0) + return 0; + + assert(fds); + + /* Drops O_NONBLOCK and FD_CLOEXEC from the file flags */ + + for (i = 0; i < n_fds; i++) { + int flags; + + if ((flags = fcntl(fds[i], F_GETFL, 0)) < 0) + return -errno; + + /* Since we are at it, let's make sure that nobody + * forgot setting O_NONBLOCK for all our fds */ + + if (fcntl(fds[i], F_SETFL, flags &~O_NONBLOCK) < 0) + return -errno; + + if ((flags = fcntl(fds[i], F_GETFD, 0)) < 0) + return -errno; + + /* Also make sure nobody forgot O_CLOEXEC for all our + * fds */ + if (fcntl(fds[i], F_SETFD, flags &~FD_CLOEXEC) < 0) + return -errno; + } + + return 0; +} + int exec_spawn(const ExecCommand *command, const ExecContext *context, int *fds, unsigned n_fds, pid_t *ret) { pid_t pid; @@ -153,7 +187,8 @@ int exec_spawn(const ExecCommand *command, const ExecContext *context, int *fds, } if (close_fds(fds, n_fds) < 0 || - shift_fds(fds, n_fds) < 0) { + shift_fds(fds, n_fds) < 0 || + flags_fds(fds, n_fds) < 0) { r = EXIT_FDS; goto fail; } -- 2.30.2