api_start: always close fds 0-2 when daemonized

commit 507cee36 moved the close and re-open of fds 0-2 into do_start. But this means that the lxc monitor itself keeps the caller's fds 0-2 open, which is wrong for daemonized containers. Closes #548 Reported-by: Mathieu Le Marec - Pasquet <kiorky@cryptelium.net> Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com> Acked-by: Stéphane Graber <stgraber@ubuntu.com>

api_start: always close fds 0-2 when daemonized
454ec0ab · Serge Hallyn · Stéphane Graber · 27be5731 · 454ec0ab
Commit 454ec0ab authored Jun 02, 2015 by Serge Hallyn Committed by Stéphane Graber Jun 02, 2015
Hide whitespace changes
Inline Side-by-side

Showing with 6 additions and 0 deletions

lxccontainer.c src/lxc/lxccontainer.c +6 -0

No files found.
--- a/src/lxc/lxccontainer.c
+++ b/src/lxc/lxccontainer.c
@@ -722,6 +722,12 @@ static bool do_lxcapi_start(struct lxc_container *c, int useinit, char * const a
 			return false;
 		}
 		lxc_check_inherited(conf, true, -1);
+		close(0);
+		close(1);
+		close(2);
+		open("/dev/zero", O_RDONLY);
+		open("/dev/null", O_RDWR);
+		open("/dev/null", O_RDWR);
 		setsid();
 	} else {
 		if (!am_single_threaded()) {