diff options
| author | Yu Watanabe <watanabe.yu+github@gmail.com> | 2023-02-07 06:33:06 +0100 |
|---|---|---|
| committer | Yu Watanabe <watanabe.yu+github@gmail.com> | 2023-02-07 06:39:49 +0100 |
| commit | f3f2d02e9731e65eb15c26980305cd47e028f4fc (patch) | |
| tree | a9658f0e205450dd16279d9881ed301fb3d0ab95 /src/nspawn/nspawn-setuid.c | |
| parent | udevd: configure a child process name for worker processes (diff) | |
| download | systemd-f3f2d02e9731e65eb15c26980305cd47e028f4fc.tar.xz systemd-f3f2d02e9731e65eb15c26980305cd47e028f4fc.zip | |
tree-wide: set FORK_RLIMIT_NOFILE_SAFE flag
No functional changes, just refactoring.
Diffstat (limited to 'src/nspawn/nspawn-setuid.c')
| -rw-r--r-- | src/nspawn/nspawn-setuid.c | 5 |
1 files changed, 1 insertions, 4 deletions
diff --git a/src/nspawn/nspawn-setuid.c b/src/nspawn/nspawn-setuid.c index e396d66441..5772d96b2f 100644 --- a/src/nspawn/nspawn-setuid.c +++ b/src/nspawn/nspawn-setuid.c @@ -12,7 +12,6 @@ #include "mkdir.h" #include "nspawn-setuid.h" #include "process-util.h" -#include "rlimit-util.h" #include "signal-util.h" #include "string-util.h" #include "strv.h" @@ -29,7 +28,7 @@ static int spawn_getent(const char *database, const char *key, pid_t *rpid) { if (pipe2(pipe_fds, O_CLOEXEC) < 0) return log_error_errno(errno, "Failed to allocate pipe: %m"); - r = safe_fork("(getent)", FORK_RESET_SIGNALS|FORK_DEATHSIG|FORK_LOG, &pid); + r = safe_fork("(getent)", FORK_RESET_SIGNALS|FORK_DEATHSIG|FORK_LOG|FORK_RLIMIT_NOFILE_SAFE, &pid); if (r < 0) { safe_close_pair(pipe_fds); return r; @@ -44,8 +43,6 @@ static int spawn_getent(const char *database, const char *key, pid_t *rpid) { (void) close_all_fds(NULL, 0); - (void) rlimit_nofile_safe(); - execle("/usr/bin/getent", "getent", database, key, NULL, &empty_env); execle("/bin/getent", "getent", database, key, NULL, &empty_env); _exit(EXIT_FAILURE); |