start: cleanup file descriptor inheritance

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

diff --git a/src/lxc/lxccontainer.c b/src/lxc/lxccontainer.c
index 80f2f66d3f4d035234fd66b64c8161cd5e911b49..48018fe3292aacc888683f2b3039d8db36c52ce9 100644 (file)
--- a/src/lxc/lxccontainer.c
+++ b/src/lxc/lxccontainer.c
@@ -865,7 +865,6 @@ static bool do_lxcapi_start(struct lxc_container *c, int useinit, char * const a
                NULL,
        };
        char **init_cmd = NULL;
-       int keepfds[3] = {-EBADF, -EBADF, -EBADF};
 
        /* container does exist */
        if (!c)
@@ -996,10 +995,7 @@ static bool do_lxcapi_start(struct lxc_container *c, int useinit, char * const a
                        _exit(EXIT_FAILURE);
                }
 
-               keepfds[0] = handler->conf->maincmd_fd;
-               keepfds[1] = handler->state_socket_pair[0];
-               keepfds[2] = handler->state_socket_pair[1];
-               ret = lxc_check_inherited(conf, true, keepfds, ARRAY_SIZE(keepfds));
+               ret = inherit_fds(handler, true);
                if (ret < 0)
                        _exit(EXIT_FAILURE);
 
@@ -1084,13 +1080,9 @@ reboot:
                        ret = 1;
                        goto on_error;
                }
-       } else {
-               keepfds[1] = handler->state_socket_pair[0];
-               keepfds[2] = handler->state_socket_pair[1];
        }
 
-       keepfds[0] = handler->conf->maincmd_fd;
-       ret = lxc_check_inherited(conf, c->daemonize, keepfds, ARRAY_SIZE(keepfds));
+       ret = inherit_fds(handler, c->daemonize);
        if (ret < 0) {
                lxc_put_handler(handler);
                ret = 1;

diff --git a/src/lxc/start.c b/src/lxc/start.c
index 49714e6ad39aa70066b55148dd209a4b06046cc7..668325d1194fd46f82da3b134e642a1b5f72fd13 100644 (file)
--- a/src/lxc/start.c
+++ b/src/lxc/start.c
@@ -627,6 +627,7 @@ struct lxc_handler *lxc_init_handler(struct lxc_handler *old,
                                     const char *name, struct lxc_conf *conf,
                                     const char *lxcpath, bool daemonize)
 {
+       int nr_keep_fds = 0;
        int ret;
        struct lxc_handler *handler;
 
@@ -680,6 +681,8 @@ struct lxc_handler *lxc_init_handler(struct lxc_handler *old,
                TRACE("Created anonymous pair {%d,%d} of unix sockets",
                      handler->state_socket_pair[0],
                      handler->state_socket_pair[1]);
+               handler->keep_fds[nr_keep_fds++] = handler->state_socket_pair[0];
+               handler->keep_fds[nr_keep_fds++] = handler->state_socket_pair[1];
        }
 
        if (handler->conf->reboot == REBOOT_NONE) {
@@ -688,6 +691,7 @@ struct lxc_handler *lxc_init_handler(struct lxc_handler *old,
                        ERROR("Failed to set up command socket");
                        goto on_error;
                }
+               handler->keep_fds[nr_keep_fds++] = handler->conf->maincmd_fd;
        }
 
        TRACE("Unix domain socket %d for command server is ready",

diff --git a/src/lxc/start.h b/src/lxc/start.h
index 88afc79b1e6bd04955eb1c2be68111c1719efa15..ece4aac472e493c1c785a6abc592bfb75c08f695 100644 (file)
--- a/src/lxc/start.h
+++ b/src/lxc/start.h
@@ -10,6 +10,7 @@
 #include <sys/un.h>
 
 #include "conf.h"
+#include "macro.h"
 #include "namespace.h"
 #include "state.h"
 
@@ -122,6 +123,9 @@ struct lxc_handler {
        int exit_status;
 
        struct cgroup_ops *cgroup_ops;
+
+       /* Internal fds that always need to stay open. */
+       int keep_fds[3];
 };
 
 struct execute_args {
@@ -160,6 +164,11 @@ extern void lxc_end(struct lxc_handler *handler);
  */
 extern int lxc_check_inherited(struct lxc_conf *conf, bool closeall,
                               int *fds_to_ignore, size_t len_fds);
+static inline int inherit_fds(struct lxc_handler *handler, bool closeall)
+{
+       return lxc_check_inherited(handler->conf, closeall, handler->keep_fds,
+                                  ARRAY_SIZE(handler->keep_fds));
+}
 extern int __lxc_start(struct lxc_handler *, struct lxc_operations *, void *,
                       const char *, bool, int *);