kat/hakurei
1
0
Fork 0
forked from rosa/hakurei
Code Pull Requests Activity

container: set CLOEXEC via close_range

Browse Source 
This is guarded behind the close_range build tag for now.

Signed-off-by: Ophestra <cat@gensokyo.uk>
This commit is contained in:
Ophestra
2026-03-17 14:19:00 +09:00
parent d1fc1a3db7
commit 0a12d456ce
3 changed files with 52 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
container/syscall_close_range.go Normal file
View File

@@ -0,0 +1,11 @@
//go:build close_range
package container
import "hakurei.app/ext"
// doCloseOnExec implements ensureCloseOnExec by calling CloseRange with
// CLOSE_RANGE_CLOEXEC.
func doCloseOnExec() error {
return ext.CloseRange(0, ext.MaxUint, ext.CLOSE_RANGE_CLOEXEC)
}