[systemd-commits] 2 commits - src/nspawn src/udev
Lennart Poettering
lennart at kemper.freedesktop.org
Mon May 18 13:24:38 PDT 2015
src/nspawn/nspawn.c | 15 ++++++++++++---
src/udev/ata_id/ata_id.c | 2 +-
2 files changed, 13 insertions(+), 4 deletions(-)
New commits:
commit 6b7d2e9ea4cdb4cfa1512d37548a1a967623d7f2
Author: Alban Crequy <alban at endocode.com>
Date: Mon May 18 16:45:30 2015 +0200
nspawn: close extra fds before execing init
When systemd-nspawn gets exec*()ed, it inherits the followings file
descriptors:
- 0, 1, 2: stdin, stdout, stderr
- SD_LISTEN_FDS_START, ... SD_LISTEN_FDS_START+LISTEN_FDS: file
descriptors passed by the system manager (useful for socket
activation). They are passed to the child process (process leader).
- extra lock fd: rkt passes a locked directory as an extra fd, so the
directory remains locked as long as the container is alive.
systemd-nspawn used to close all open fds except 0, 1, 2 and the
SD_LISTEN_FDS_START..SD_LISTEN_FDS_START+LISTEN_FDS. This patch delays
the close just before the exec so the nspawn process (parent) keeps the
extra fds open.
This patch supersedes the previous attempt ("cloexec extraneous fds"):
http://lists.freedesktop.org/archives/systemd-devel/2015-May/031608.html
diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c
index 4095c77..a38f47d 100644
--- a/src/nspawn/nspawn.c
+++ b/src/nspawn/nspawn.c
@@ -3990,7 +3990,6 @@ int main(int argc, char *argv[]) {
goto finish;
}
- log_close();
n_fd_passed = sd_listen_fds(false);
if (n_fd_passed > 0) {
r = fdset_new_listen_fds(&fds, false);
@@ -3999,8 +3998,6 @@ int main(int argc, char *argv[]) {
goto finish;
}
}
- fdset_close_others(fds);
- log_open();
if (arg_directory) {
assert(!arg_image);
@@ -4510,6 +4507,17 @@ int main(int argc, char *argv[]) {
* setup, too... */
(void) barrier_place_and_sync(&barrier); /* #5 */
+ /* Now, explicitly close the log, so that we
+ * then can close all remaining fds. Closing
+ * the log explicitly first has the benefit
+ * that the logging subsystem knows about it,
+ * and is thus ready to be reopened should we
+ * need it again. Note that the other fds
+ * closed here are at least the locking and
+ * barrier fds. */
+ log_close();
+ (void) fdset_close_others(fds);
+
if (arg_boot) {
char **a;
size_t l;
@@ -4536,6 +4544,7 @@ int main(int argc, char *argv[]) {
execle("/bin/sh", "-sh", NULL, env_use);
}
+ (void) log_open();
log_error_errno(errno, "execv() failed: %m");
_exit(EXIT_FAILURE);
}
commit 8dc26de6da7a7611ecf0362ffc4f178569109d23
Author: Lennart Poettering <lennart at poettering.net>
Date: Mon May 18 21:52:26 2015 +0200
ata_id: drop spurious space
diff --git a/src/udev/ata_id/ata_id.c b/src/udev/ata_id/ata_id.c
index 9e4f674..cc1bf45 100644
--- a/src/udev/ata_id/ata_id.c
+++ b/src/udev/ata_id/ata_id.c
@@ -496,7 +496,7 @@ int main(int argc, char *argv[])
}
}
- memcpy (model, id.model, 40);
+ memcpy(model, id.model, 40);
model[40] = '\0';
udev_util_encode_string(model, model_enc, sizeof(model_enc));
util_replace_whitespace((char *) id.model, model, 40);
More information about the systemd-commits
mailing list