process-util: revamp flags handling in namespace_fork()
* Specifying all 3 of FORK_DEATHSIG_SIG{KILL,TERM,INT} for
the middle man makes zero sense. Use SIGKILL only.
* Make sure operations on except_fds work sensibly - close/pack/
de-ocloexecify fds only in the second level, so that the namespace
fds remain usable across first safe_fork().
* Fire FORK_NEW_*NS after attaching to the desired namespaces,
not already in the outer process.
* Insist on PDEATHSIG being enabled to ensure propagation of killing.
* Suppress more redundant flags.
projects / thirdparty / systemd.git / commit
