From 24707291b8cb389ab936d44dfadf0913c27ac50c Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner@ubuntu.com>
Date: Fri, 7 Jan 2022 13:42:33 +0100
Subject: [PATCH] seccomp: close seccomp notifier fd in cleanup handler

Reported-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
---
 src/lxc/seccomp.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/lxc/seccomp.c b/src/lxc/seccomp.c
index 6c56b8d0f..5a725f677 100644
--- a/src/lxc/seccomp.c
+++ b/src/lxc/seccomp.c
@@ -1373,6 +1373,7 @@ int seccomp_notify_cleanup_handler(int fd, void *data)
 	 * seccomp notify handler through the command socket (e.g. for attach)
 	 * and so we won't touch the container's config.
 	 */
+	close(fd);
 #endif
 	return 0;
 }
-- 
2.47.2