From 37d5831e32e7f1d0395fdd9e19120a7eca66caff Mon Sep 17 00:00:00 2001 From: Christian Brauner Date: Sun, 29 Oct 2017 17:03:57 +0100 Subject: [PATCH] start: close data socket in parent Brings the number of open fds in the monitor process for a standard container without ttys down to 17. Signed-off-by: Christian Brauner --- src/lxc/start.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/lxc/start.c b/src/lxc/start.c index 664dbc3ba..81cee074f 100644 --- a/src/lxc/start.c +++ b/src/lxc/start.c @@ -1149,6 +1149,11 @@ int __lxc_start(const char *name, struct lxc_conf *conf, ERROR("failed to spawn '%s'", name); goto out_fini_nonet; } + /* close parent side of data socket */ + close(handler->data_sock[0]); + handler->data_sock[0] = -1; + close(handler->data_sock[1]); + handler->data_sock[1] = -1; handler->conf->reboot = 0; -- 2.47.3