From: Tobias Ulmer <tu@emlix.com>
Date: Wed, 7 Oct 2015 18:53:24 +0000 (+0200)
Subject: init: wrap io.open/popen with variants setting FD_CLOEXEC
X-Git-Tag: e2factory-2.3.14p1~4
X-Git-Url: https://git.e2factory.org/?a=commitdiff_plain;h=4dd32edad9db71616b70e33cc1cde15e3382b14a;p=e2factory.git

init: wrap io.open/popen with variants setting FD_CLOEXEC

Signed-off-by: Tobias Ulmer <tu@emlix.com>
---

diff --git a/Changelog b/Changelog
index a04461c..b528ff9 100644
--- a/Changelog
+++ b/Changelog
@@ -1,4 +1,5 @@
 NEXT:
+ * Provide io.open/io.popen wrappers that set FD_CLOEXEC
  * On startup, close all file descriptors except for stdin, stdout, and stderr
    as a precautionary measure.
  * luafile.open() sets FD_CLOEXEC by default
diff --git a/generic/e2lib.lua b/generic/e2lib.lua
index 78d01d9..eca58d4 100644
--- a/generic/e2lib.lua
+++ b/generic/e2lib.lua
@@ -141,6 +141,31 @@ function e2lib.init()
     e2util.closefrom(3)
     -- ignore errors, no /proc should not prevent factory from working
 
+    -- Overwrite io functions that create a file descriptor to set the
+    -- CLOEXEC flag by default.
+    local realopen = io.open
+    local realpopen = io.popen
+
+    function io.open(...)
+        local ret = {realopen(...)} -- closure
+        if ret[1] then
+            if not luafile.cloexec(ret[1]) then
+                return nil, "Setting CLOEXEC failed"
+            end
+        end
+        return unpack(ret)
+    end
+
+    function io.popen(...)
+        local ret = {realpopen(...)} -- closure
+        if ret[1] then
+            if not luafile.cloexec(ret[1]) then
+                return nil, "Setting CLOEXEC failed"
+            end
+        end
+        return unpack(ret)
+    end
+
     e2lib.globals.warn_category = {
         WDEFAULT = false,
         WDEPRECATED = false,