rosa/hakurei
6
3
Fork 2
Code Issues 9 Pull Requests 2 Actions 2 Packages Projects Releases 15 Wiki Activity
Files
e9a72490db44426605debd3cc756a7924931d706
hakurei/container/syscall_range_proc.go
Ophestra 0a12d456ce
All checks were successful
Test / Create distribution (push) Successful in 1m2s
Details
Test / Sandbox (push) Successful in 2m44s
Details
Test / Hakurei (push) Successful in 3m42s
Details
Test / ShareFS (push) Successful in 3m46s
Details
Test / Sandbox (race detector) (push) Successful in 5m1s
Details
Test / Hakurei (race detector) (push) Successful in 6m7s
Details
Test / Flake checks (push) Successful in 1m23s
Details
container: set CLOEXEC via close_range 
This is guarded behind the close_range build tag for now.

Signed-off-by: Ophestra <cat@gensokyo.uk>
2026-03-17 14:19:00 +09:00

29 lines
478 B
Go
Raw Blame History

//go:build !close_range
package container
import (
"os"
"strconv"
"syscall"
"hakurei.app/container/fhs"
)
// doCloseOnExec implements ensureCloseOnExec by ranging over proc_pid_fd(5).
func doCloseOnExec() error {
entries, err := os.ReadDir(fhs.ProcSelf + "fd/")
if err != nil {
return err
}
var fd int
for _, ent := range entries {
if fd, err = strconv.Atoi(ent.Name()); err != nil {
return err // not reached
}
syscall.CloseOnExec(fd)
}
return nil
}
Reference in New Issue View Git Blame Copy Permalink