From: Christian Brauner <christian.brauner@ubuntu.com>
Date: Wed, 28 Jun 2017 11:30:05 +0000 (+0200)
Subject: start: generalize lxc_check_inherited()
X-Git-Tag: lxc-2.1.0~57^2~11
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=47a46cf1d28aad270072a983910d881d9c6e14aa;p=thirdparty%2Flxc.git

start: generalize lxc_check_inherited()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
---

diff --git a/src/lxc/execute.c b/src/lxc/execute.c
index 40fd2241e..ddfd9fadb 100644
--- a/src/lxc/execute.c
+++ b/src/lxc/execute.c
@@ -116,7 +116,7 @@ int lxc_execute(const char *name, char *const argv[], int quiet,
 {
 	struct execute_args args = {.argv = argv, .quiet = quiet};
 
-	if (lxc_check_inherited(handler->conf, false, handler->conf->maincmd_fd))
+	if (lxc_check_inherited(handler->conf, false, &handler->conf->maincmd_fd, 1))
 		return -1;
 
 	handler->conf->is_execute = 1;
diff --git a/src/lxc/lxccontainer.c b/src/lxc/lxccontainer.c
index d02379403..832c15968 100644
--- a/src/lxc/lxccontainer.c
+++ b/src/lxc/lxccontainer.c
@@ -830,7 +830,7 @@ static bool do_lxcapi_start(struct lxc_container *c, int useinit, char * const a
 			SYSERROR("Error chdir()ing to /.");
 			exit(1);
 		}
-		lxc_check_inherited(conf, true, handler->conf->maincmd_fd);
+		lxc_check_inherited(conf, true, &handler->conf->maincmd_fd, 1);
 		if (null_stdfds() < 0) {
 			ERROR("failed to close fds");
 			exit(1);
@@ -900,7 +900,7 @@ reboot:
 			goto out;
 	}
 
-	if (lxc_check_inherited(conf, daemonize, handler->conf->maincmd_fd)) {
+	if (lxc_check_inherited(conf, daemonize, &handler->conf->maincmd_fd, 1)) {
 		ERROR("Inherited fds found");
 		lxc_free_handler(handler);
 		ret = 1;
diff --git a/src/lxc/monitor.c b/src/lxc/monitor.c
index 1758402a9..ba062e8d9 100644
--- a/src/lxc/monitor.c
+++ b/src/lxc/monitor.c
@@ -370,7 +370,7 @@ int lxc_monitord_spawn(const char *lxcpath)
 		exit(EXIT_FAILURE);
 	}
 
-	lxc_check_inherited(NULL, true, pipefd[1]);
+	lxc_check_inherited(NULL, true, &pipefd[1], 1);
 	if (null_stdfds() < 0) {
 		SYSERROR("Failed to dup2() standard file descriptors to /dev/null.");
 		exit(EXIT_FAILURE);
diff --git a/src/lxc/network.c b/src/lxc/network.c
index 86c3ee599..0295d5d41 100644
--- a/src/lxc/network.c
+++ b/src/lxc/network.c
@@ -1410,7 +1410,7 @@ static bool is_ovs_bridge(const char *bridge)
  */
 static void ovs_cleanup_nic(const char *lxcpath, const char *name, const char *bridge, const char *nic)
 {
-	if (lxc_check_inherited(NULL, true, -1) < 0)
+	if (lxc_check_inherited(NULL, true, &(int){-1}, 1) < 0)
 		return;
 	if (lxc_wait(name, "STOPPED", -1, lxcpath) < 0)
 		return;
diff --git a/src/lxc/start.c b/src/lxc/start.c
index 2d121bfd5..a9dbd78a5 100644
--- a/src/lxc/start.c
+++ b/src/lxc/start.c
@@ -189,18 +189,12 @@ static int match_fd(int fd)
 	return (fd == 0 || fd == 1 || fd == 2);
 }
 
-/* Check for any fds we need to close.
- * - If fd_to_ignore != -1, then if we find that fd open we will ignore it.
- * - By default we warn about open fds we find.
- * - If closeall is true, we will close open fds.
- * - If lxc-start was passed "-C", then conf->close_all_fds will be true, in
- *   which case we also close all open fds.
- * - A daemonized container will always pass closeall=true.
- */
-int lxc_check_inherited(struct lxc_conf *conf, bool closeall, int fd_to_ignore)
+int lxc_check_inherited(struct lxc_conf *conf, bool closeall,
+			int *fds_to_ignore, size_t len_fds)
 {
 	struct dirent *direntp;
 	int fd, fddir;
+	size_t i;
 	DIR *dir;
 
 	if (conf && conf->close_all_fds)
@@ -230,7 +224,12 @@ restart:
 			continue;
 		}
 
-		if (fd == fddir || fd == lxc_log_fd || fd == fd_to_ignore)
+		for (i = 0; i < len_fds; i++)
+			if (fds_to_ignore[i] == fd)
+				break;
+
+		if (fd == fddir || fd == lxc_log_fd ||
+		    (i < len_fds && fd == fds_to_ignore[i]))
 			continue;
 
 		if (current_config && fd == current_config->logfd)
diff --git a/src/lxc/start.h b/src/lxc/start.h
index 103f15b67..58bfbb25c 100644
--- a/src/lxc/start.h
+++ b/src/lxc/start.h
@@ -73,7 +73,15 @@ extern void lxc_free_handler(struct lxc_handler *handler);
 extern int lxc_init(const char *name, struct lxc_handler *handler);
 extern void lxc_fini(const char *name, struct lxc_handler *handler);
 
-extern int lxc_check_inherited(struct lxc_conf *conf, bool closeall, int fd_to_ignore);
+/* lxc_check_inherited: Check for any open file descriptors and close them if
+ *                      requested.
+ * @param[in] conf          The container's configuration.
+ * @param[in] closeall      Whether we should close all open file descriptors.
+ * @param[in] fds_to_ignore Array of file descriptors to ignore.
+ * @param[in] len_fds       Length of fds_to_ignore array.
+ */
+extern int lxc_check_inherited(struct lxc_conf *conf, bool closeall,
+			       int *fds_to_ignore, size_t len_fds);
 int __lxc_start(const char *, struct lxc_handler *, struct lxc_operations *,
 		void *, const char *, bool);