** Description changed: - Since the lxc-start command quits with an error if any inherited FDs are - not disconnected, why is it necessary to specify --close-all-fds at all? + ============================ + SRU Justification + Impact: callers of lxc-start can have confusing failures to start + Development fix: always close all fds + Stable fix: same as development fix + Test case: + 1. lxc-create -t ubuntu -n p1 + 2. cat > execme.c << EOF + #include <stdio.h> + #include <unistd.h> + + int main() + { + FILE *f = fopen("/tmp/ab", "w"); + //int ret = execl("/usr/bin/lxc-start", "/usr/bin/lxc-start", "-d", "-n", "p1", NULL); + int ret = execl("/usr/bin/lxc-start", "/usr/bin/lxc-start", "-n", "p1", NULL); + printf("should not be here (ret %d)\n", ret); + } + EOF + 3. make execme + 4. sudo ./execme + Without this patch, the container will fail to start with an error message + saying an fd was inherited. With the patch, the container will start (and + the fd will have been closed) + Regression potential: if anyone was counting on lxc-start to fail when started + with open fds, that will no longer happen. + ============================ + Since the lxc-start command quits with an error if any inherited FDs are not disconnected, why is it necessary to specify --close-all-fds at all? (I just spent an hour debugging a situation where some FDs were falling through from parent processes only in the remote deployment configuration...)
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1003583 Title: make the "--close-all-fds" option in lxc-start on by default To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1003583/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs