apparmor: use fopen_cloexec

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

apparmor: use fopen_cloexec
f6eea250 · Wolfgang Bumiller · Christian Brauner · 28968d7d · f6eea250
Unverified Commit f6eea250 authored Jul 25, 2018 by Wolfgang Bumiller Committed by Christian Brauner Jul 31, 2018
Hide whitespace changes
Inline Side-by-side

Showing with 3 additions and 2 deletions

apparmor.c src/lxc/lsm/apparmor.c +3 -2

No files found.
--- a/src/lxc/lsm/apparmor.c
+++ b/src/lxc/lsm/apparmor.c
@@ -32,6 +32,7 @@
 #include "lsm.h"
 #include "conf.h"
 #include "utils.h"
+#include "initutils.h"

 lxc_log_define(apparmor, lsm);

@@ -68,7 +69,7 @@ static int apparmor_enabled(void)
 	char e;
 	int ret;

-	fin = fopen(AA_ENABLED_FILE, "r");
+	fin = fopen_cloexec(AA_ENABLED_FILE, "r");
 	if (!fin)
 		return 0;
 	ret = fscanf(fin, "%c", &e);
@@ -95,7 +96,7 @@ static char *apparmor_process_label_get(pid_t pid)
 		return NULL;
 	}
 again:
-	f = fopen(path, "r");
+	f = fopen_cloexec(path, "r");
 	if (!f) {
 		SYSERROR("opening %s", path);
 		free(buf);