[lxc-devel] [PATCH] don't leak the rootfs.pin fd into the container

[Serge Hallyn]

Only the container parent needs to keep that fd open.  Close it
as soon as the container's first task is spawned.  Else it can
show up in /proc/$$/fd in the container.

Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
---
 src/lxc/start.c | 12 +++++++-----
 src/lxc/start.h |  1 +
 2 files changed, 8 insertions(+), 5 deletions(-)

diff --git a/src/lxc/start.c b/src/lxc/start.c
index 90696f6..5083b24 100644
--- a/src/lxc/start.c
+++ b/src/lxc/start.c
@@ -575,6 +575,9 @@ static int do_start(void *data)
 
 	lxc_sync_fini_parent(handler);
 
+	/* don't leak the pinfd to the container */
+	close(handler->pinfd);
+
 	/* Tell the parent task it can begin to configure the
 	 * container and wait for it to finish
 	 */
@@ -691,7 +694,6 @@ int lxc_spawn(struct lxc_handler *handler)
 {
 	int failed_before_rename = 0;
 	const char *name = handler->name;
-	int pinfd;
 
 	if (lxc_sync_init(handler))
 		return -1;
@@ -735,8 +737,8 @@ int lxc_spawn(struct lxc_handler *handler)
 	 * marking it readonly.
 	 */
 
-	pinfd = pin_rootfs(handler->conf->rootfs.path);
-	if (pinfd == -1) {
+	handler->pinfd = pin_rootfs(handler->conf->rootfs.path);
+	if (handler->pinfd == -1) {
 		ERROR("failed to pin the container's rootfs");
 		goto out_abort;
 	}
@@ -818,8 +820,8 @@ int lxc_spawn(struct lxc_handler *handler)
 
 	lxc_sync_fini(handler);
 
-	if (pinfd >= 0)
-		close(pinfd);
+	if (handler->pinfd >= 0)
+		close(handler->pinfd);
 
 	return 0;
 
diff --git a/src/lxc/start.h b/src/lxc/start.h
index 4b2e2b5..27688f3 100644
--- a/src/lxc/start.h
+++ b/src/lxc/start.h
@@ -49,6 +49,7 @@ struct lxc_handler {
 #if HAVE_APPARMOR
 	int aa_enabled;
 #endif
+	int pinfd;
 };
 
 extern struct lxc_handler *lxc_init(const char *name, struct lxc_conf *);
-- 
1.8.0