From: Serge Hallyn <serge.hallyn@ubuntu.com>
Date: Fri, 14 Feb 2014 22:23:24 +0000 (+0100)
Subject: lxc-start: close inherited fds right before exec
X-Git-Tag: lxc-1.0.0.rc2~8
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1d16785;p=thirdparty%2Flxc.git

lxc-start: close inherited fds right before exec

Not before we've even forked.

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
---

diff --git a/src/lxc/start.c b/src/lxc/start.c
index 69e34861a..81d3f47cc 100644
--- a/src/lxc/start.c
+++ b/src/lxc/start.c
@@ -676,6 +676,9 @@ static int do_start(void *data)
 
 	close(handler->sigfd);
 
+	if (lxc_check_inherited(handler->conf, -1))
+		return -1;
+
 	/* after this call, we are in error because this
 	 * ops should not return as it execs */
 	handler->ops->start(handler, handler->data);
@@ -1030,9 +1033,6 @@ int lxc_start(const char *name, char *const argv[], struct lxc_conf *conf,
 		.argv = argv,
 	};
 
-	if (lxc_check_inherited(conf, -1))
-		return -1;
-
 	conf->need_utmp_watch = 1;
 	return __lxc_start(name, conf, &start_ops, &start_arg, lxcpath);
 }