[lxc-devel] [PATCH] do not close inherited fds if tty

[Michael Tokarev]

Michel Normand wrote:
> The lxc_close_all_inherited_fd function is modified
> to do not close an inherited fd if tty.
> Note that this function is called
> after the clone/fork of the application,
> and before to wait for this application to exit.

Can we remove all this stuff and instead of remembering which
FDs are open at startup, enumerate all open ones after container
spawn and close everything which is pipe or socket (since sockets
should also be closed like this), except of a few sockets/pipes
which are open on purpose by lxc_start itself?

I mean just the possibility/discussion.  This lxc_*_inherited
looks like one large hack really, and I'm trying to think of a
more clean solution...  Not that mine is any better :)

Thanks!

/mjt

> 
> Signed-off-by: Michel Normand <michel.mno at free.fr>
> ---
>  src/lxc/utils.c |    9 +++------
>  1 files changed, 3 insertions(+), 6 deletions(-)
> 
> diff --git a/src/lxc/utils.c b/src/lxc/utils.c
> index f9477a3..ddfb101 100644
> --- a/src/lxc/utils.c
> +++ b/src/lxc/utils.c
> @@ -212,15 +212,14 @@ again:
>  
>  		entry = iterator->elem;
>  
> -		/* do not close the stderr fd to keep open default
> -		 * error reporting path.
> +		/* do not close any of the tty
>  		 */
> -		if (entry->fd == 2 && isatty(entry->fd)) {
> +		if (isatty(entry->fd)) {
>  			fd_list_del(entry);
>  			continue;
>  		}
>  
> -		DEBUG("closing fd '%d'", entry->fd);
> +		DEBUG("closing inherited fd '%d'", entry->fd);
>  
>  		if (close(entry->fd))
>  			WARN("failed to close fd '%d': %s", entry->fd,
> @@ -230,8 +229,6 @@ again:
>  		goto again;
>  	}
>  
> -	DEBUG("closed all inherited file descriptors");
> -
>  	return 0;
>  }
>