start: generalize lxc_check_inherited()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

diff --git a/src/lxc/execute.c b/src/lxc/execute.c
index 40fd2241e6b0187f5b574a4a83998335ec45c940..ddfd9fadb026d919c0b1341a93efad4c62b125af 100644 (file)
--- a/src/lxc/execute.c
+++ b/src/lxc/execute.c
@@ -116,7 +116,7 @@ int lxc_execute(const char *name, char *const argv[], int quiet,
 {
        struct execute_args args = {.argv = argv, .quiet = quiet};
 
-       if (lxc_check_inherited(handler->conf, false, handler->conf->maincmd_fd))
+       if (lxc_check_inherited(handler->conf, false, &handler->conf->maincmd_fd, 1))
                return -1;
 
        handler->conf->is_execute = 1;

diff --git a/src/lxc/lxccontainer.c b/src/lxc/lxccontainer.c
index d02379403e4de3eb9383076ac42866bf2dfbfbf8..832c15968254b7b8f5eb2b61bc9e499702dea1d0 100644 (file)
--- a/src/lxc/lxccontainer.c
+++ b/src/lxc/lxccontainer.c
@@ -830,7 +830,7 @@ static bool do_lxcapi_start(struct lxc_container *c, int useinit, char * const a
                        SYSERROR("Error chdir()ing to /.");
                        exit(1);
                }
-               lxc_check_inherited(conf, true, handler->conf->maincmd_fd);
+               lxc_check_inherited(conf, true, &handler->conf->maincmd_fd, 1);
                if (null_stdfds() < 0) {
                        ERROR("failed to close fds");
                        exit(1);
@@ -900,7 +900,7 @@ reboot:
                        goto out;
        }
 
-       if (lxc_check_inherited(conf, daemonize, handler->conf->maincmd_fd)) {
+       if (lxc_check_inherited(conf, daemonize, &handler->conf->maincmd_fd, 1)) {
                ERROR("Inherited fds found");
                lxc_free_handler(handler);
                ret = 1;

diff --git a/src/lxc/monitor.c b/src/lxc/monitor.c
index 1758402a9dd0f07b3bc83f99c6b38d3a726ae71d..ba062e8d9e627a6c85e2c7c1e70a01a2f88aa457 100644 (file)
--- a/src/lxc/monitor.c
+++ b/src/lxc/monitor.c
@@ -370,7 +370,7 @@ int lxc_monitord_spawn(const char *lxcpath)
                exit(EXIT_FAILURE);
        }
 
-       lxc_check_inherited(NULL, true, pipefd[1]);
+       lxc_check_inherited(NULL, true, &pipefd[1], 1);
        if (null_stdfds() < 0) {
                SYSERROR("Failed to dup2() standard file descriptors to /dev/null.");
                exit(EXIT_FAILURE);

diff --git a/src/lxc/network.c b/src/lxc/network.c
index 86c3ee5995d7788504c7378311e5ad094b5731e5..0295d5d41207748d66ee7ad27dba21d096321c6a 100644 (file)
--- a/src/lxc/network.c
+++ b/src/lxc/network.c
@@ -1410,7 +1410,7 @@ static bool is_ovs_bridge(const char *bridge)
  */
 static void ovs_cleanup_nic(const char *lxcpath, const char *name, const char *bridge, const char *nic)
 {
-       if (lxc_check_inherited(NULL, true, -1) < 0)
+       if (lxc_check_inherited(NULL, true, &(int){-1}, 1) < 0)
                return;
        if (lxc_wait(name, "STOPPED", -1, lxcpath) < 0)
                return;

diff --git a/src/lxc/start.c b/src/lxc/start.c
index 2d121bfd5d89bfe1335628a2893950f926ff8718..a9dbd78a5da30591faf472d777dfc2f05c9da39c 100644 (file)
--- a/src/lxc/start.c
+++ b/src/lxc/start.c
@@ -189,18 +189,12 @@ static int match_fd(int fd)
        return (fd == 0 || fd == 1 || fd == 2);
 }
 
-/* Check for any fds we need to close.
- * - If fd_to_ignore != -1, then if we find that fd open we will ignore it.
- * - By default we warn about open fds we find.
- * - If closeall is true, we will close open fds.
- * - If lxc-start was passed "-C", then conf->close_all_fds will be true, in
- *   which case we also close all open fds.
- * - A daemonized container will always pass closeall=true.
- */
-int lxc_check_inherited(struct lxc_conf *conf, bool closeall, int fd_to_ignore)
+int lxc_check_inherited(struct lxc_conf *conf, bool closeall,
+                       int *fds_to_ignore, size_t len_fds)
 {
        struct dirent *direntp;
        int fd, fddir;
+       size_t i;
        DIR *dir;
 
        if (conf && conf->close_all_fds)
@@ -230,7 +224,12 @@ restart:
                        continue;
                }
 
-               if (fd == fddir || fd == lxc_log_fd || fd == fd_to_ignore)
+               for (i = 0; i < len_fds; i++)
+                       if (fds_to_ignore[i] == fd)
+                               break;
+
+               if (fd == fddir || fd == lxc_log_fd ||
+                   (i < len_fds && fd == fds_to_ignore[i]))
                        continue;
 
                if (current_config && fd == current_config->logfd)

diff --git a/src/lxc/start.h b/src/lxc/start.h
index 103f15b67c74b24e57b61ce614e9d3a0c5482908..58bfbb25c6f0a424a7fda668d2936db25216dca4 100644 (file)
--- a/src/lxc/start.h
+++ b/src/lxc/start.h
@@ -73,7 +73,15 @@ extern void lxc_free_handler(struct lxc_handler *handler);
 extern int lxc_init(const char *name, struct lxc_handler *handler);
 extern void lxc_fini(const char *name, struct lxc_handler *handler);
 
-extern int lxc_check_inherited(struct lxc_conf *conf, bool closeall, int fd_to_ignore);
+/* lxc_check_inherited: Check for any open file descriptors and close them if
+ *                      requested.
+ * @param[in] conf          The container's configuration.
+ * @param[in] closeall      Whether we should close all open file descriptors.
+ * @param[in] fds_to_ignore Array of file descriptors to ignore.
+ * @param[in] len_fds       Length of fds_to_ignore array.
+ */
+extern int lxc_check_inherited(struct lxc_conf *conf, bool closeall,
+                              int *fds_to_ignore, size_t len_fds);
 int __lxc_start(const char *, struct lxc_handler *, struct lxc_operations *,
                void *, const char *, bool);