diff options
| author | Joey Hess <joeyh@joeyh.name> | 2017-09-01 18:31:21 -0400 |
|---|---|---|
| committer | Joey Hess <joeyh@joeyh.name> | 2017-09-01 18:31:21 -0400 |
| commit | d7bd21baf58538b76cb47ac974894cab2b411589 (patch) | |
| tree | e4fb58f6a63f30af6db3a2c827fbcf0862099ef4 | |
| parent | 2218c28618fc918998fdb5aeb7f89f3105e918bb (diff) | |
Make lock file descriptors close-on-exec.
| -rw-r--r-- | debian/changelog | 1 | ||||
| -rw-r--r-- | src/Propellor/Engine.hs | 1 |
2 files changed, 2 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog index c7cfb81a..f254b5a6 100644 --- a/debian/changelog +++ b/debian/changelog @@ -10,6 +10,7 @@ propellor (4.8.0) UNRELEASED; urgency=medium image. * Borg: Fix broken shell escaping in borg cron job. * Attic: Fix broken shell escaping in attic cron job. + * Make lock file descriptors close-on-exec. -- Joey Hess <id@joeyh.name> Thu, 24 Aug 2017 11:00:19 -0400 diff --git a/src/Propellor/Engine.hs b/src/Propellor/Engine.hs index f54da929..b4dc66ce 100644 --- a/src/Propellor/Engine.hs +++ b/src/Propellor/Engine.hs @@ -97,6 +97,7 @@ onlyProcess lockfile a = bracket lock unlock (const a) lock = do createDirectoryIfMissing True (takeDirectory lockfile) l <- createFile lockfile stdFileMode + setFdOption l CloseOnExec True setLock l (WriteLock, AbsoluteSeek, 0, 0) `catchIO` const alreadyrunning return l |