diff options
| -rw-r--r-- | debian/changelog | 1 | ||||
| -rw-r--r-- | src/Propellor/Engine.hs | 1 |
2 files changed, 2 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog index c7cfb81a..f254b5a6 100644 --- a/debian/changelog +++ b/debian/changelog @@ -10,6 +10,7 @@ propellor (4.8.0) UNRELEASED; urgency=medium image. * Borg: Fix broken shell escaping in borg cron job. * Attic: Fix broken shell escaping in attic cron job. + * Make lock file descriptors close-on-exec. -- Joey Hess <id@joeyh.name> Thu, 24 Aug 2017 11:00:19 -0400 diff --git a/src/Propellor/Engine.hs b/src/Propellor/Engine.hs index f54da929..b4dc66ce 100644 --- a/src/Propellor/Engine.hs +++ b/src/Propellor/Engine.hs @@ -97,6 +97,7 @@ onlyProcess lockfile a = bracket lock unlock (const a) lock = do createDirectoryIfMissing True (takeDirectory lockfile) l <- createFile lockfile stdFileMode + setFdOption l CloseOnExec True setLock l (WriteLock, AbsoluteSeek, 0, 0) `catchIO` const alreadyrunning return l |