Quoting Stéphane Graber (stgra...@ubuntu.com):
> This changes the default behaviour from complaining about it but not closing
> the inherited fds to logging an INFO entry and closing them automatically.
> That's the same as always calling lxc-start with --close-all-fds.
>
> Signed-off-by: Stéphane Graber <stgra...@ubuntu.com>
> Cc: Daniel Lezcano <daniel.lezc...@free.fr>
> Cc: Serge Hallyn <serge.hal...@canonical.com>
Acked-by: Serge Hallyn <serge.hal...@canonical.com>
thanks,
-serge
>
> ---
> doc/lxc-start.sgml.in | 15 ---------------
> src/lxc/arguments.h | 3 ---
> src/lxc/conf.h | 1 -
> src/lxc/lxc_start.c | 10 +---------
> src/lxc/start.c | 10 ++--------
> 5 files changed, 3 insertions(+), 36 deletions(-)
>
> diff --git a/doc/lxc-start.sgml.in b/doc/lxc-start.sgml.in
> index 4504d58..08f1e81 100644
> --- a/doc/lxc-start.sgml.in
> +++ b/doc/lxc-start.sgml.in
> @@ -147,21 +147,6 @@ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
> 02111-1307 USA
> </listitem>
> </varlistentry>
>
> - <varlistentry>
> - <term>
> - <option>-C,
> - --close-all-fds</option>
> - </term>
> - <listitem>
> - <para>
> - If any file descriptors are inherited, close them. If this option
> - is not specified, then <command>lxc-start</command> will exit with
> - failure instead. Note: <replaceable>--daemon</replaceable> implies
> - <replaceable>--close-all-fds</replaceable>.
> - </para>
> - </listitem>
> - </varlistentry>
> -
> </variablelist>
>
> </refsect1>
> diff --git a/src/lxc/arguments.h b/src/lxc/arguments.h
> index 40f0d6c..6a2ffc6 100644
> --- a/src/lxc/arguments.h
> +++ b/src/lxc/arguments.h
> @@ -58,9 +58,6 @@ struct lxc_arguments {
> /* for lxc-wait */
> char *states;
>
> - /* close fds from parent? */
> - int close_all_fds;
> -
> /* remaining arguments */
> char *const *argv;
> int argc;
> diff --git a/src/lxc/conf.h b/src/lxc/conf.h
> index 09f55cb..24e7c43 100644
> --- a/src/lxc/conf.h
> +++ b/src/lxc/conf.h
> @@ -215,7 +215,6 @@ struct lxc_conf {
> struct lxc_console console;
> struct lxc_rootfs rootfs;
> char *ttydir;
> - int close_all_fds;
> };
>
> /*
> diff --git a/src/lxc/lxc_start.c b/src/lxc/lxc_start.c
> index 7559444..fdd4c72 100644
> --- a/src/lxc/lxc_start.c
> +++ b/src/lxc/lxc_start.c
> @@ -58,9 +58,8 @@ static int my_parser(struct lxc_arguments* args, int c,
> char* arg)
> {
> switch (c) {
> case 'c': args->console = arg; break;
> - case 'd': args->daemonize = 1; args->close_all_fds = 1; break;
> + case 'd': args->daemonize = 1; break;
> case 'f': args->rcfile = arg; break;
> - case 'C': args->close_all_fds = 1; break;
> case 's': return lxc_config_define_add(&defines, arg);
> }
> return 0;
> @@ -71,7 +70,6 @@ static const struct option my_longopts[] = {
> {"rcfile", required_argument, 0, 'f'},
> {"define", required_argument, 0, 's'},
> {"console", required_argument, 0, 'c'},
> - {"close-all-fds", no_argument, 0, 'C'},
> LXC_COMMON_OPTIONS
> };
>
> @@ -87,9 +85,6 @@ Options :\n\
> -d, --daemon daemonize the container\n\
> -f, --rcfile=FILE Load configuration file FILE\n\
> -c, --console=FILE Set the file output for the container console\n\
> - -C, --close-all-fds If any fds are inherited, close them\n\
> - If not specified, exit with failure instead\n\
> - Note: --daemon implies --close-all-fds\n\
> -s, --define KEY=VAL Assign VAL to configuration variable KEY\n",
> .options = my_longopts,
> .parser = my_parser,
> @@ -204,9 +199,6 @@ int main(int argc, char *argv[])
> return err;
> }
>
> - if (my_args.close_all_fds)
> - conf->close_all_fds = 1;
> -
> err = lxc_start(my_args.name, args, conf);
>
> /*
> diff --git a/src/lxc/start.c b/src/lxc/start.c
> index 920ff77..ddc0923 100644
> --- a/src/lxc/start.c
> +++ b/src/lxc/start.c
> @@ -140,7 +140,6 @@ int lxc_check_inherited(struct lxc_conf *conf, int
> fd_to_ignore)
> int fd, fddir;
> DIR *dir;
>
> -restart:
> dir = opendir("/proc/self/fd");
> if (!dir) {
> WARN("failed to open directory: %m");
> @@ -167,13 +166,8 @@ restart:
> if (match_fd(fd))
> continue;
>
> - if (conf->close_all_fds) {
> - close(fd);
> - closedir(dir);
> - INFO("closed inherited fd %d", fd);
> - goto restart;
> - }
> - WARN("inherited fd %d", fd);
> + close(fd);
> + INFO("closed inherited fd %d", fd);
> }
>
> closedir(dir); /* cannot fail */
> --
> 1.7.9.5
>
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Lxc-devel mailing list
Lxc-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-devel
