From: Michael Kerrisk <mtk.manpages@gmail.com>
Date: Fri, 17 Jul 2020 07:22:52 +0000 (+0200)
Subject: setns.2: EXAMPLE: use O_CLOEXEC when opening namespace file descriptor
X-Git-Tag: man-pages-5.08~58
X-Git-Url: http://git.ipfire.org/gitweb/gitweb.cgi?a=commitdiff_plain;h=298743a5730852395b2c558da7a4b13721d789b5;p=thirdparty%2Fman-pages.git

setns.2: EXAMPLE: use O_CLOEXEC when opening namespace file descriptor

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
---

diff --git a/man2/setns.2 b/man2/setns.2
index c31c55cbc2..7e38eefcfd 100644
--- a/man2/setns.2
+++ b/man2/setns.2
@@ -396,7 +396,11 @@ main(int argc, char *argv[])
         exit(EXIT_FAILURE);
     }
 
-    fd = open(argv[1], O_RDONLY); /* Get file descriptor for namespace */
+    /* Get file descriptor for namespace; the file descriptor is opened with
+       O_CLOEXEC so as to ensure that it is not inherited by the program that
+       is later executed. */
+
+    fd = open(argv[1], O_RDONLY | O_CLOEXEC);
     if (fd == \-1)
         errExit("open");