procd: Do not leak pipe file descriptors to children
authorMichal Sojka <sojkam1@fel.cvut.cz>
Thu, 6 Jul 2017 20:25:16 +0000 (22:25 +0200)
committerJohn Crispin <john@phrozen.org>
Mon, 31 Jul 2017 17:00:34 +0000 (19:00 +0200)
Without this change, a process started by procd can have access to the
stdout/stderr of processes that procd started earlier.

Signed-off-by: Michal Sojka <sojkam1@fel.cvut.cz>
rcS.c
service/instance.c

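--- a/rcS.c
+++ b/rcS.c
@@ -82,6 +82,7 @@ static void q_initd_run(struct runqueue *q, struct runqueue_task *t)
 
        if (pid) {
                close(pipefd[1]);
+               fcntl(pipefd[0], F_SETFD, FD_CLOEXEC);
                s->fd.stream.string_data = true,
                s->fd.stream.notify_read = pipe_cb,
                runqueue_process_add(q, &s->proc, pid);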
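Review bot: The return value of the added `fcntl(pipefd[0], F_SETFD, FD_CLOEXEC)` is ignored, so if the call fails the read end stays inheritable and the leak this commit closes persists with no trace in the log. Checking it, e.g. `if (fcntl(pipefd[0], F_SETFD, FD_CLOEXEC) < 0)` followed by an error log line, would make that visible; the two calls added to instance_start() in service/instance.c have the same gap. The flag is also set only after fork(), in the parent branch. Creating the pipe close-on-exec from the start would remove that ordering dependency, but the pipe creation and the child branch of q_initd_run are outside this hunk, so this is something to check rather than a confirmed issue.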
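--- a/service/instance.c
+++ b/service/instance.c
@@ -444,11 +444,13 @@ instance_start(struct service_instance *in)
        if (opipe[0] > -1) {
                ustream_fd_init(&in->_stdout, opipe[0]);
                closefd(opipe[1]);
+               fcntl(opipe[0], F_SETFD, FD_CLOEXEC);
        }
 
        if (epipe[0] > -1) {
                ustream_fd_init(&in->_stderr, epipe[0]);
                closefd(epipe[1]);
+               fcntl(epipe[0], F_SETFD, FD_CLOEXEC);
        }
 
        service_event("instance.start", in->srv->name, in->name);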
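Review bot: The two added `fcntl(..., F_SETFD, FD_CLOEXEC)` calls carry no comment, and the reason for them is not obvious from the code. The flag is set on the parent's read end so that instances started later do not inherit this instance's output pipe. A comment such as `/* read end stays in procd only; later children must not inherit it */` above the first call would record that. Setting the flag here does not affect the child that was already forked, which presumably closes its own copies of opipe[0]/epipe[0]; that code is outside the hunk, as are the start and end of instance_start().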