lxc_spawn: don't close pinfd until container is stopped

Otherwise containers may be able to remount -o ro their rootfs at shutdown. Reported-by: Harald Dunkel <harri@afaics.de> Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com> Acked-by: Stéphane Graber <stgraber@ubuntu.com>

lxc_spawn: don't close pinfd until container is stopped
5c068da9 · Serge Hallyn · 69c757b3 · 5c068da9
Commit 5c068da9 authored Sep 06, 2013 by Serge Hallyn
Show whitespace changes
Inline Side-by-side

Showing with 11 additions and 3 deletions

start.c src/lxc/start.c +11 -3

No files found.
--- a/src/lxc/start.c
+++ b/src/lxc/start.c
@@ -274,6 +274,7 @@ struct lxc_handler *lxc_init(const char *name, struct lxc_conf *conf, const char
 	handler->conf = conf;
 	handler->lxcpath = lxcpath;
+	handler->pinfd = -1;
 	apparmor_handler_init(handler);
 	handler->name = strdup(name);
@@ -740,9 +741,6 @@ int lxc_spawn(struct lxc_handler *handler)
 	lxc_sync_fini(handler);
-	if (handler->pinfd >= 0)
-		close(handler->pinfd);
 	return 0;
 out_delete_net:
@@ -751,6 +749,11 @@ out_delete_net:
 out_abort:
 	lxc_abort(name, handler);
 	lxc_sync_fini(handler);
+	if (handler->pinfd >= 0) {
+		close(handler->pinfd);
+		handler->pinfd = -1;
+	}
 	return -1;
 }
@@ -818,6 +821,11 @@ int __lxc_start(const char *name, struct lxc_conf *conf,
 	lxc_rename_phys_nics_on_shutdown(handler->conf);
+	if (handler->pinfd >= 0) {
+		close(handler->pinfd);
+		handler->pinfd = -1;
+	}
 	err =  lxc_error_set_and_log(handler->pid, status);
 out_fini:
 	lxc_delete_network(handler);