[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[shepherd] 01/02: service: Mark inetd listening sockets as SOCK_CLOEXEC.
From: |
Ludovic Courtès |
Subject: |
[shepherd] 01/02: service: Mark inetd listening sockets as SOCK_CLOEXEC. |
Date: |
Wed, 31 Aug 2022 05:02:40 -0400 (EDT) |
civodul pushed a commit to branch master
in repository shepherd.
commit 3a0f8e03dacb8302a6218977d87fd561b2b94da7
Author: Ludovic Courtès <ludo@gnu.org>
AuthorDate: Wed Aug 31 01:50:19 2022 +0200
service: Mark inetd listening sockets as SOCK_CLOEXEC.
* modules/shepherd/service.scm (close-on-exec-endpoint): New procedure.
(make-inetd-constructor): Use it.
---
modules/shepherd/service.scm | 13 ++++++++++++-
1 file changed, 12 insertions(+), 1 deletion(-)
diff --git a/modules/shepherd/service.scm b/modules/shepherd/service.scm
index 2b1210c..644f5a8 100644
--- a/modules/shepherd/service.scm
+++ b/modules/shepherd/service.scm
@@ -1277,6 +1277,14 @@ permissions for its parent directory."
socket-owner socket-group
socket-directory-permissions))
+(define (close-on-exec-endpoint endpoint)
+ "Return ENDPOINT with SOCK_CLOEXEC added to its 'style'."
+ (match endpoint
+ (($ <endpoint> name address style backlog
+ owner group permissions)
+ (make-endpoint name address (logior SOCK_CLOEXEC style) backlog
+ owner group permissions))))
+
(define (endpoint->listening-socket endpoint)
"Return a listening socket for ENDPOINT."
(match endpoint
@@ -1546,7 +1554,10 @@ rejecting connection from ~:[~a~;~*local process~].")
#:socket-group socket-group
#:socket-directory-permissions
socket-directory-permissions)))))
- (sockets (open-sockets endpoints)))
+ (sockets (open-sockets
+ ;; Listening sockets are not passed to the child
+ ;; process so they can be closed on 'exec'.
+ (map close-on-exec-endpoint endpoints))))
(for-each (lambda (endpoint socket)
(spawn-fiber
(accept-clients (endpoint-address endpoint)