attach: move file descriptor closing into attach_context_container()

This reduces the possibility of forgetting to close the namespace file descriptors when we change this codepath. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

attach: move file descriptor closing into attach_context_container()
92466fe3 · Christian Brauner · 72a19d2f · 92466fe3
Unverified Commit 92466fe3 authored Feb 02, 2021 by Christian Brauner
Hide whitespace changes
Inline Side-by-side

Showing with 12 additions and 10 deletions

attach.c src/lxc/attach.c +12 -10

No files found.
--- a/src/lxc/attach.c
+++ b/src/lxc/attach.c
@@ -572,6 +572,8 @@ static void put_attach_context(struct attach_context *ctx)

 static int attach_context_container(struct attach_context *ctx)
 {
+	int fret = 0;
+
 	for (int i = 0; i < LXC_NS_MAX; i++) {
 		int ret;

@@ -579,16 +581,19 @@ static int attach_context_container(struct attach_context *ctx)
 			continue;

 		ret = setns(ctx->ns_fd[i], ns_info[i].clone_flag);
-		if (ret < 0)
-			return log_error_errno(-1, errno,
-					       "Failed to attach to %s namespace of %d",
-					       ns_info[i].proc_name, ctx->init_pid);
+		if (ret)
+			return log_error_errno(-errno, errno, "Failed to attach to %s namespace of %d", ns_info[i].proc_name, ctx->init_pid);

-		DEBUG("Attached to %s namespace of %d",
-		ns_info[i].proc_name, ctx->init_pid);
+		DEBUG("Attached to %s namespace of %d", ns_info[i].proc_name, ctx->init_pid);
+
+		if (close(ctx->ns_fd[i])) {
+			fret = -errno;
+			SYSERROR("Failed to close file descriptor for %s namespace", ns_info[i].proc_name);
+		}
+		ctx->ns_fd[i] = -EBADF;
 	}

-	return 0;
+	return fret;
 }

 /*
@@ -1436,9 +1441,6 @@ int lxc_attach(struct lxc_container *container, lxc_attach_exec_t exec_function,
 			_exit(EXIT_FAILURE);
 		}

-		/* close namespace file descriptors */
-		close_nsfds(ctx);
-
 		/* Attach succeeded, try to cwd. */
 		if (options->initial_cwd)
 			new_cwd = options->initial_cwd;