process-util: add new FORK_CLOEXEC_OFF flag for disabling O_CLOEXEC on remaining fds

Often the fds that shall stay around in the child shall be passed
to a process over execve(), hence add an option to explicitly disable
O_CLOEXEC on them in the child.

diff --git a/src/basic/process-util.c b/src/basic/process-util.c
index fb0b38fa49da3ef7d139f1df28c485b8108baa33..0213f5913f5fed4da784e50150e806aa97b0e124 100644 (file)
--- a/src/basic/process-util.c
+++ b/src/basic/process-util.c
@@ -1372,6 +1372,14 @@ int safe_fork_full(
                 }
         }
 
+        if (flags & FORK_CLOEXEC_OFF) {
+                r = fd_cloexec_many(except_fds, n_except_fds, false);
+                if (r < 0) {
+                        log_full_errno(prio, r, "Failed to turn off O_CLOEXEC on file descriptors: %m");
+                        _exit(EXIT_FAILURE);
+                }
+        }
+
         /* When we were asked to reopen the logs, do so again now */
         if (flags & FORK_REOPEN_LOG) {
                 log_open();

diff --git a/src/basic/process-util.h b/src/basic/process-util.h
index f8c374a310367b745983ec9e95fed0bda8f69d3d..ed2f73673e7aaea7e58a3537b4ee5d7a4e45ebda 100644 (file)
--- a/src/basic/process-util.h
+++ b/src/basic/process-util.h
@@ -150,6 +150,7 @@ typedef enum ForkFlags {
         FORK_STDOUT_TO_STDERR   = 1 << 11, /* Make stdout a copy of stderr */
         FORK_FLUSH_STDIO        = 1 << 12, /* fflush() stdout (and stderr) before forking */
         FORK_NEW_USERNS         = 1 << 13, /* Run child in its own user namespace */
+        FORK_CLOEXEC_OFF        = 1 << 14, /* In the child: turn off O_CLOEXEC on all fds in except_fds[] */
 } ForkFlags;
 
 int safe_fork_full(const char *name, const int except_fds[], size_t n_except_fds, ForkFlags flags, pid_t *ret_pid);