[pbs-devel] [PATCH proxmox-backup] add missing O_CLOEXEC flags to `openat` calls
Dominik Csapak
d.csapak at proxmox.com
Fri Nov 29 16:39:08 CET 2024
since we don't want to have lingering file descriptors on reload, which
does a fork/exec.
Signed-off-by: Dominik Csapak <d.csapak at proxmox.com>
---
pbs-client/src/pxar/dir_stack.rs | 2 +-
pbs-datastore/src/backup_info.rs | 2 +-
pbs-datastore/src/snapshot_reader.rs | 2 +-
3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/pbs-client/src/pxar/dir_stack.rs b/pbs-client/src/pxar/dir_stack.rs
index 616d7545b..6fe55f170 100644
--- a/pbs-client/src/pxar/dir_stack.rs
+++ b/pbs-client/src/pxar/dir_stack.rs
@@ -57,7 +57,7 @@ impl PxarDir {
let dir = Dir::openat(
parent,
self.file_name.as_os_str(),
- OFlag::O_DIRECTORY,
+ OFlag::O_DIRECTORY | OFlag::O_CLOEXEC,
Mode::empty(),
)?;
diff --git a/pbs-datastore/src/backup_info.rs b/pbs-datastore/src/backup_info.rs
index be262773b..1ca279aca 100644
--- a/pbs-datastore/src/backup_info.rs
+++ b/pbs-datastore/src/backup_info.rs
@@ -143,7 +143,7 @@ impl BackupGroup {
match openat(
l2_fd,
&manifest_path,
- OFlag::O_RDONLY,
+ OFlag::O_RDONLY | OFlag::O_CLOEXEC,
nix::sys::stat::Mode::empty(),
) {
Ok(rawfd) => {
diff --git a/pbs-datastore/src/snapshot_reader.rs b/pbs-datastore/src/snapshot_reader.rs
index 95e59a421..dea51cbef 100644
--- a/pbs-datastore/src/snapshot_reader.rs
+++ b/pbs-datastore/src/snapshot_reader.rs
@@ -102,7 +102,7 @@ impl SnapshotReader {
let raw_fd = nix::fcntl::openat(
self.locked_dir.as_raw_fd(),
Path::new(filename),
- nix::fcntl::OFlag::O_RDONLY,
+ nix::fcntl::OFlag::O_RDONLY | nix::fcntl::OFlag::O_CLOEXEC,
nix::sys::stat::Mode::empty(),
)?;
let file = unsafe { File::from_raw_fd(raw_fd) };
--
2.39.5
More information about the pbs-devel
mailing list