]> git.proxmox.com Git - mirror_lxc.git/commitdiff
projects / mirror_lxc.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 72a19d2)
attach: move file descriptor closing into attach_context_container()
authorChristian Brauner <christian.brauner@ubuntu.com>
Tue, 2 Feb 2021 09:26:21 +0000 (10:26 +0100)
committerChristian Brauner <christian.brauner@ubuntu.com>
Tue, 2 Feb 2021 09:51:03 +0000 (10:51 +0100)
This reduces the possibility of forgetting to close the namespace file
descriptors when we change this codepath.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
src/lxc/attach.c patch | blob | blame | history

diff --git a/src/lxc/attach.c b/src/lxc/attach.c
index 4f1fee2716c6a4eafb91498c927a136332da1e4b..543f8b7792fbc529d6f05ac68911c0176c5c596e 100644 (file)
--- a/src/lxc/attach.c
+++ b/src/lxc/attach.c
@@ -572,6 +572,8 @@ static void put_attach_context(struct attach_context *ctx)
 
 static int attach_context_container(struct attach_context *ctx)
 {
+       int fret = 0;
+
        for (int i = 0; i < LXC_NS_MAX; i++) {
                int ret;
 
@@ -579,16 +581,19 @@ static int attach_context_container(struct attach_context *ctx)
                        continue;
 
                ret = setns(ctx->ns_fd[i], ns_info[i].clone_flag);
-               if (ret < 0)
-                       return log_error_errno(-1, errno,
-                                              "Failed to attach to %s namespace of %d",
-                                              ns_info[i].proc_name, ctx->init_pid);
+               if (ret)
+                       return log_error_errno(-errno, errno, "Failed to attach to %s namespace of %d", ns_info[i].proc_name, ctx->init_pid);
 
-               DEBUG("Attached to %s namespace of %d",
-               ns_info[i].proc_name, ctx->init_pid);
+               DEBUG("Attached to %s namespace of %d", ns_info[i].proc_name, ctx->init_pid);
+
+               if (close(ctx->ns_fd[i])) {
+                       fret = -errno;
+                       SYSERROR("Failed to close file descriptor for %s namespace", ns_info[i].proc_name);
+               }
+               ctx->ns_fd[i] = -EBADF;
        }
 
-       return 0;
+       return fret;
 }
 
 /*
@@ -1436,9 +1441,6 @@ int lxc_attach(struct lxc_container *container, lxc_attach_exec_t exec_function,
                        _exit(EXIT_FAILURE);
                }
 
-               /* close namespace file descriptors */
-               close_nsfds(ctx);
-
                /* Attach succeeded, try to cwd. */
                if (options->initial_cwd)
                        new_cwd = options->initial_cwd;
LXC mirror