From 7a0bf8027b93e7e3f4e6887c0d116f471629cacd Mon Sep 17 00:00:00 2001 From: Matthias Schiffer Date: Mon, 1 Nov 2021 19:00:51 +0100 Subject: runner: set CLOEXEC on signalfd --- crates/runner/src/lib.rs | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/crates/runner/src/lib.rs b/crates/runner/src/lib.rs index 9ca6c23..cfaf658 100644 --- a/crates/runner/src/lib.rs +++ b/crates/runner/src/lib.rs @@ -19,7 +19,11 @@ use nix::{ errno::Errno, poll, sched::CloneFlags, - sys::{signal, signalfd::SignalFd, stat, wait}, + sys::{ + signal, + signalfd::{SfdFlags, SignalFd}, + stat, wait, + }, unistd::{self, Gid, Pid, Uid}, }; use uds::UnixSeqpacketConn; @@ -113,7 +117,8 @@ fn runner(uid: Uid, gid: Gid, socket: UnixSeqpacketConn, _lockfile: File, option signals.add(signal::Signal::SIGCHLD); signal::pthread_sigmask(signal::SigmaskHow::SIG_BLOCK, Some(&signals), None) .expect("pthread_sigmask()"); - let mut sfd = SignalFd::new(&signals).expect("Failed to create signal file descriptor"); + let mut sfd = SignalFd::with_flags(&signals, SfdFlags::SFD_CLOEXEC) + .expect("Failed to create signal file descriptor"); let mut pollfds = [ poll::PollFd::new(sfd.as_raw_fd(), poll::PollFlags::POLLIN), -- cgit v1.2.3