"Daniel P. Berrange" <berrange(a)redhat.com> wrote:
This patch does some simple re-factoring of the way the TTYs and
control socket are handled to reduce the amount of state stored
in the lxc_vm_t structure, in preparation for the switchover to
the generic domain handling APIs.
One more thing:
...
diff -r 63b8398c302e src/lxc_container.c
--- a/src/lxc_container.c Mon Jul 14 12:18:23 2008 +0100
+++ b/src/lxc_container.c Tue Jul 15 11:55:48 2008 +0100
...
- close(0); close(1); close(2);
+ /* Just in case someone forget to set FD_CLOEXEC, explicitly
+ * close all FDs before executing the container */
+ open_max = sysconf (_SC_OPEN_MAX);
+ for (i = 0; i < open_max; i++)
+ if (i != ttyfd)
+ close(i);
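Review bot: the result of sysconf (_SC_OPEN_MAX) is used directly as the bound of the `for (i = 0; i < open_max; i++)` loop without being checked. sysconf returns -1 on error or when the limit is indeterminate; assuming open_max is a signed type (its declaration is not in the visible lines), the loop then closes nothing, not even descriptors 0, 1 and 2 that the removed line closed unconditionally. Suggest testing for a negative result and falling back to a fixed bound, or at least to closing 0-2, before the exec. The loop also closes 0, 1 and 2 only when they differ from ttyfd, which changes the old behaviour and deserves a word in the comment. Minor: "someone forget" in the new comment should read "someone forgot".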
Do you really need to close all file descriptors > 2?
I seem to recall that an application doing this caused trouble
when it closed a file descriptor (opened via the shell) that I
was using for log output.
I think this might have caused trouble also when I used
valgrind with its --log-* options on that program.