Merge pull request #3642 from brauner/2021-02-01/fixes

src/lxc/file_utils.c

@@ -517,6 +517,64 @@ FILE *fdopen_cached(int fd, const char *mode, void **caller_freed_buffer)
 	return f;
 }
 
+int fd_cloexec(int fd, bool cloexec)
+{
+	int oflags, nflags;
+
+	oflags = fcntl(fd, F_GETFD, 0);
+	if (oflags < 0)
+		return -errno;
+
+	if (cloexec)
+		nflags = oflags | FD_CLOEXEC;
+	else
+		nflags = oflags & ~FD_CLOEXEC;
+
+	if (nflags == oflags)
+		return 0;
+
+	if (fcntl(fd, F_SETFD, nflags) < 0)
+		return -errno;
+
+	return 0;
+}
+
+static inline int dup_cloexec(int fd)
+{
+	__do_close int fd_dup = -EBADF;
+
+	fd_dup = dup(fd);
+	if (fd_dup < 0)
+		return -errno;
+
+	if (fd_cloexec(fd_dup, true))
+		return -errno;
+
+	return move_fd(fd_dup);
+}
+
+FILE *fdopenat(int dfd, const char *path, const char *mode)
+{
+	__do_close int fd = -EBADF;
+	__do_fclose FILE *f = NULL;
+
+	if (is_empty_string(path))
+		fd = dup_cloexec(dfd);
+	else
+		fd = openat(dfd, path, O_CLOEXEC | O_NOCTTY | O_NOFOLLOW);
+	if (fd < 0)
+		return NULL;
+
+	f = fdopen(fd, "re");
+	if (!f)
+		return NULL;
+
+	/* Transfer ownership of fd. */
+	move_fd(fd);
+
+	return move_ptr(f);
+}
+
 int timens_offset_write(clockid_t clk_id, int64_t s_offset, int64_t ns_offset)
 {
 	__do_close int fd = -EBADF;

src/lxc/file_utils.h

@@ -73,8 +73,10 @@ static inline int fd_to_fd(int from, int to)
 {
 	return __fd_to_fd(from, to) >= 0;
 }
+__hidden extern int fd_cloexec(int fd, bool cloexec);
 __hidden extern int lxc_open_dirfd(const char *dir);
 __hidden extern FILE *fdopen_cached(int fd, const char *mode, void **caller_freed_buffer);
+__hidden extern FILE *fdopenat(int dfd, const char *path, const char *mode);
 __hidden extern FILE *fopen_cached(const char *path, const char *mode, void **caller_freed_buffer);
 __hidden extern int timens_offset_write(clockid_t clk_id, int64_t s_offset, int64_t ns_offset);
 __hidden extern bool exists_dir_at(int dir_fd, const char *path);

src/lxc/utils.c

@@ -1779,28 +1779,6 @@ int lxc_set_death_signal(int signal, pid_t parent, int parent_status_fd)
 	return 0;
 }
 
-int fd_cloexec(int fd, bool cloexec)
-{
-	int oflags, nflags;
-
-	oflags = fcntl(fd, F_GETFD, 0);
-	if (oflags < 0)
-		return -errno;
-
-	if (cloexec)
-		nflags = oflags | FD_CLOEXEC;
-	else
-		nflags = oflags & ~FD_CLOEXEC;
-
-	if (nflags == oflags)
-		return 0;
-
-	if (fcntl(fd, F_SETFD, nflags) < 0)
-		return -errno;
-
-	return 0;
-}
-
 int lxc_rm_rf(const char *dirname)
 {
 	__do_closedir DIR *dir = NULL;
@@ -1909,7 +1887,7 @@ int fix_stdio_permissions(uid_t uid)
 
 		ret = fchown(std_fds[i], uid, st.st_gid);
 		if (ret) {
-			TRACE("Failed to chown standard I/O file descriptor %d to uid %d and gid %d",
+			SYSTRACE("Failed to chown standard I/O file descriptor %d to uid %d and gid %d",
 			         std_fds[i], uid, st.st_gid);
 			fret = -1;
 			continue;
@@ -1917,7 +1895,7 @@ int fix_stdio_permissions(uid_t uid)
 
 		ret = fchmod(std_fds[i], 0700);
 		if (ret) {
-			TRACE("Failed to chmod standard I/O file descriptor %d", std_fds[i]);
+			SYSTRACE("Failed to chmod standard I/O file descriptor %d", std_fds[i]);
 			fret = -1;
 		}
 	}

src/lxc/utils.h

@@ -223,7 +223,6 @@ __hidden extern uint64_t lxc_find_next_power2(uint64_t n);
 
 /* Set a signal the child process will receive after the parent has died. */
 __hidden extern int lxc_set_death_signal(int signal, pid_t parent, int parent_status_fd);
-__hidden extern int fd_cloexec(int fd, bool cloexec);
 __hidden extern int lxc_rm_rf(const char *dirname);
 __hidden extern bool lxc_can_use_pidfd(int pidfd);