]> err.no Git - systemd/commitdiff
drop O_CLOEXEC/O_NONBLOCK from files intended for forked clients
authorLennart Poettering <lennart@poettering.net>
Wed, 27 Jan 2010 05:18:45 +0000 (06:18 +0100)
committerLennart Poettering <lennart@poettering.net>
Wed, 27 Jan 2010 05:18:45 +0000 (06:18 +0100)
execute.c

index 6b1d4a1da1b941268a2fe0faa1d1322e55bc3f5e..1ca91fddd78f8b1fdea5e431b4b00e968afa62c0 100644 (file)
--- a/execute.c
+++ b/execute.c
@@ -105,6 +105,40 @@ static int shift_fds(int fds[], unsigned n_fds) {
         return 0;
 }
 
+static int flags_fds(int fds[], unsigned n_fds) {
+        unsigned i;
+
+        if (n_fds <= 0)
+                return 0;
+
+        assert(fds);
+
+        /* Drops O_NONBLOCK and FD_CLOEXEC from the file flags */
+
+        for (i = 0; i < n_fds; i++) {
+                int flags;
+
+                if ((flags = fcntl(fds[i], F_GETFL, 0)) < 0)
+                        return -errno;
+
+                /* Since we are at it, let's make sure that nobody
+                 * forgot setting O_NONBLOCK for all our fds */
+
+                if (fcntl(fds[i], F_SETFL, flags &~O_NONBLOCK) < 0)
+                        return -errno;
+
+                if ((flags = fcntl(fds[i], F_GETFD, 0)) < 0)
+                        return -errno;
+
+                /* Also make sure nobody forgot O_CLOEXEC for all our
+                 * fds */
+                if (fcntl(fds[i], F_SETFD, flags &~FD_CLOEXEC) < 0)
+                        return -errno;
+        }
+
+        return 0;
+}
+
 int exec_spawn(const ExecCommand *command, const ExecContext *context, int *fds, unsigned n_fds, pid_t *ret) {
         pid_t pid;
 
@@ -153,7 +187,8 @@ int exec_spawn(const ExecCommand *command, const ExecContext *context, int *fds,
                 }
 
                 if (close_fds(fds, n_fds) < 0 ||
-                    shift_fds(fds, n_fds) < 0) {
+                    shift_fds(fds, n_fds) < 0 ||
+                    flags_fds(fds, n_fds) < 0) {
                         r = EXIT_FDS;
                         goto fail;
                 }