start: generalize lxc_check_inherited()

src/lxc/execute.c

@@ -116,7 +116,7 @@ int lxc_execute(const char *name, char *const argv[], int quiet,
 {
 	struct execute_args args = {.argv = argv, .quiet = quiet};
 
-	if (lxc_check_inherited(handler->conf, false, handler->conf->maincmd_fd))
+	if (lxc_check_inherited(handler->conf, false, &handler->conf->maincmd_fd, 1))
 		return -1;
 
 	handler->conf->is_execute = 1;

src/lxc/lxccontainer.c

@@ -829,7 +829,7 @@ static bool do_lxcapi_start(struct lxc_container *c, int useinit, char * const a
 			SYSERROR("Error chdir()ing to /.");
 			exit(1);
 		}
-		lxc_check_inherited(conf, true, handler->conf->maincmd_fd);
+		lxc_check_inherited(conf, true, &handler->conf->maincmd_fd, 1);
 		if (null_stdfds() < 0) {
 			ERROR("failed to close fds");
 			exit(1);
@@ -899,7 +899,7 @@ reboot:
 			goto out;
 	}
 
-	if (lxc_check_inherited(conf, daemonize, handler->conf->maincmd_fd)) {
+	if (lxc_check_inherited(conf, daemonize, &handler->conf->maincmd_fd, 1)) {
 		ERROR("Inherited fds found");
 		lxc_free_handler(handler);
 		ret = 1;

src/lxc/monitor.c

@@ -370,7 +370,7 @@ int lxc_monitord_spawn(const char *lxcpath)
 		exit(EXIT_FAILURE);
 	}
 
-	lxc_check_inherited(NULL, true, pipefd[1]);
+	lxc_check_inherited(NULL, true, &pipefd[1], 1);
 	if (null_stdfds() < 0) {
 		SYSERROR("Failed to dup2() standard file descriptors to /dev/null.");
 		exit(EXIT_FAILURE);

src/lxc/network.c

@@ -1410,7 +1410,7 @@ static bool is_ovs_bridge(const char *bridge)
  */
 static void ovs_cleanup_nic(const char *lxcpath, const char *name, const char *bridge, const char *nic)
 {
-	if (lxc_check_inherited(NULL, true, -1) < 0)
+	if (lxc_check_inherited(NULL, true, &(int){-1}, 1) < 0)
 		return;
 	if (lxc_wait(name, "STOPPED", -1, lxcpath) < 0)
 		return;

src/lxc/start.c

@@ -179,18 +179,12 @@ static int match_fd(int fd)
 	return (fd == 0 || fd == 1 || fd == 2);
 }
 
-/* Check for any fds we need to close.
- * - If fd_to_ignore != -1, then if we find that fd open we will ignore it.
- * - By default we warn about open fds we find.
- * - If closeall is true, we will close open fds.
- * - If lxc-start was passed "-C", then conf->close_all_fds will be true, in
- *   which case we also close all open fds.
- * - A daemonized container will always pass closeall=true.
- */
-int lxc_check_inherited(struct lxc_conf *conf, bool closeall, int fd_to_ignore)
+int lxc_check_inherited(struct lxc_conf *conf, bool closeall,
+			int *fds_to_ignore, size_t len_fds)
 {
 	struct dirent *direntp;
 	int fd, fddir;
+	size_t i;
 	DIR *dir;
 
 	if (conf && conf->close_all_fds)
@@ -220,7 +214,12 @@ restart:
 			continue;
 		}
 
-		if (fd == fddir || fd == lxc_log_fd || fd == fd_to_ignore)
+		for (i = 0; i < len_fds; i++)
+			if (fds_to_ignore[i] == fd)
+				break;
+
+		if (fd == fddir || fd == lxc_log_fd ||
+		    (i < len_fds && fd == fds_to_ignore[i]))
 			continue;
 
 		if (current_config && fd == current_config->logfd)

src/lxc/start.h

@@ -73,7 +73,15 @@ extern void lxc_free_handler(struct lxc_handler *handler);
 extern int lxc_init(const char *name, struct lxc_handler *handler);
 extern void lxc_fini(const char *name, struct lxc_handler *handler);
 
-extern int lxc_check_inherited(struct lxc_conf *conf, bool closeall, int fd_to_ignore);
+/* lxc_check_inherited: Check for any open file descriptors and close them if
+ *                      requested.
+ * @param[in] conf          The container's configuration.
+ * @param[in] closeall      Whether we should close all open file descriptors.
+ * @param[in] fds_to_ignore Array of file descriptors to ignore.
+ * @param[in] len_fds       Length of fds_to_ignore array.
+ */
+extern int lxc_check_inherited(struct lxc_conf *conf, bool closeall,
+			       int *fds_to_ignore, size_t len_fds);
 int __lxc_start(const char *, struct lxc_handler *, struct lxc_operations *,
 		void *, const char *, bool);