From: Christian Brauner Date: Tue, 2 Feb 2021 09:26:21 +0000 (+0100) Subject: attach: move file descriptor closing into attach_context_container() X-Git-Tag: lxc-5.0.0~306^2~7 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=92466fe34b54940da4cb03ee616aa4cb22cebd90;p=thirdparty%2Flxc.git attach: move file descriptor closing into attach_context_container() This reduces the possibility of forgetting to close the namespace file descriptors when we change this codepath. Signed-off-by: Christian Brauner --- diff --git a/src/lxc/attach.c b/src/lxc/attach.c index 4f1fee271..543f8b779 100644 --- a/src/lxc/attach.c +++ b/src/lxc/attach.c @@ -572,6 +572,8 @@ static void put_attach_context(struct attach_context *ctx) static int attach_context_container(struct attach_context *ctx) { + int fret = 0; + for (int i = 0; i < LXC_NS_MAX; i++) { int ret; @@ -579,16 +581,19 @@ static int attach_context_container(struct attach_context *ctx) continue; ret = setns(ctx->ns_fd[i], ns_info[i].clone_flag); - if (ret < 0) - return log_error_errno(-1, errno, - "Failed to attach to %s namespace of %d", - ns_info[i].proc_name, ctx->init_pid); + if (ret) + return log_error_errno(-errno, errno, "Failed to attach to %s namespace of %d", ns_info[i].proc_name, ctx->init_pid); - DEBUG("Attached to %s namespace of %d", - ns_info[i].proc_name, ctx->init_pid); + DEBUG("Attached to %s namespace of %d", ns_info[i].proc_name, ctx->init_pid); + + if (close(ctx->ns_fd[i])) { + fret = -errno; + SYSERROR("Failed to close file descriptor for %s namespace", ns_info[i].proc_name); + } + ctx->ns_fd[i] = -EBADF; } - return 0; + return fret; } /* @@ -1436,9 +1441,6 @@ int lxc_attach(struct lxc_container *container, lxc_attach_exec_t exec_function, _exit(EXIT_FAILURE); } - /* close namespace file descriptors */ - close_nsfds(ctx); - /* Attach succeeded, try to cwd. */ if (options->initial_cwd) new_cwd = options->initial_cwd;