5
0
mirror of git://git.proxmox.com/git/proxmox-backup.git synced 2025-01-05 09:17:59 +03:00

tree-wide: add missing O_CLOEXEC flags to openat calls

Since we don't want to have lingering file descriptors on any fork +
exec, like the reload code from the proxmox-daemon crate we're using
for the rest-server(s) does, as that can have serious side effects and
even cause hangs.

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Reviewed-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 [ TL: Reword commit message ]}
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
This commit is contained in:
Dominik Csapak 2024-11-29 16:39:08 +01:00 committed by Thomas Lamprecht
parent c17964e7fc
commit 8eaeedf31e
3 changed files with 3 additions and 3 deletions

View File

@ -57,7 +57,7 @@ impl PxarDir {
let dir = Dir::openat(
parent,
self.file_name.as_os_str(),
OFlag::O_DIRECTORY,
OFlag::O_DIRECTORY | OFlag::O_CLOEXEC,
Mode::empty(),
)?;

View File

@ -143,7 +143,7 @@ impl BackupGroup {
match openat(
l2_fd,
&manifest_path,
OFlag::O_RDONLY,
OFlag::O_RDONLY | OFlag::O_CLOEXEC,
nix::sys::stat::Mode::empty(),
) {
Ok(rawfd) => {

View File

@ -102,7 +102,7 @@ impl SnapshotReader {
let raw_fd = nix::fcntl::openat(
self.locked_dir.as_raw_fd(),
Path::new(filename),
nix::fcntl::OFlag::O_RDONLY,
nix::fcntl::OFlag::O_RDONLY | nix::fcntl::OFlag::O_CLOEXEC,
nix::sys::stat::Mode::empty(),
)?;
let file = unsafe { File::from_raw_fd(raw_fd) };