lxc_spawn: don't close pinfd until container is stopped

Otherwise containers may be able to remount -o ro their rootfs
at shutdown.

Reported-by: Harald Dunkel <harri@afaics.de>
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>

diff --git a/src/lxc/start.c b/src/lxc/start.c
index 7ee67ec04b069dc1591d92aa08d4de1329d03fa7..e841bac5a9368b7470405ffeead2f6b5348d951e 100644 (file)
--- a/src/lxc/start.c
+++ b/src/lxc/start.c
@@ -274,6 +274,7 @@ struct lxc_handler *lxc_init(const char *name, struct lxc_conf *conf, const char
 
        handler->conf = conf;
        handler->lxcpath = lxcpath;
+       handler->pinfd = -1;
 
        apparmor_handler_init(handler);
        handler->name = strdup(name);
@@ -740,9 +741,6 @@ int lxc_spawn(struct lxc_handler *handler)
 
        lxc_sync_fini(handler);
 
-       if (handler->pinfd >= 0)
-               close(handler->pinfd);
-
        return 0;
 
 out_delete_net:
@@ -751,6 +749,11 @@ out_delete_net:
 out_abort:
        lxc_abort(name, handler);
        lxc_sync_fini(handler);
+       if (handler->pinfd >= 0) {
+               close(handler->pinfd);
+               handler->pinfd = -1;
+       }
+
        return -1;
 }
 
@@ -818,6 +821,11 @@ int __lxc_start(const char *name, struct lxc_conf *conf,
 
        lxc_rename_phys_nics_on_shutdown(handler->conf);
 
+       if (handler->pinfd >= 0) {
+               close(handler->pinfd);
+               handler->pinfd = -1;
+       }
+
        err =  lxc_error_set_and_log(handler->pid, status);
 out_fini:
        lxc_delete_network(handler);