guix-commits
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

01/01: services: xorg: Fix file descriptor leak from SLiM/xinitrc.

From: Ludovic Courtès
Subject: 01/01: services: xorg: Fix file descriptor leak from SLiM/xinitrc.
Date: Sat, 28 Feb 2015 23:25:36 +0000 
civodul pushed a commit to branch master
in repository guix.

commit ec4a4c46efaf2e7373f331654640f1321c0f2e62
Author: Ludovic Courtès <address@hidden>
Date:   Sat Feb 28 22:44:31 2015 +0100

    services: xorg: Fix file descriptor leak from SLiM/xinitrc.
    
    Previously processes started from the window manager would have a couple
    of leaked file descriptors: writable /var/log/slim.log and readable
    /gnu/store/…-xinitrc.
    
    * gnu/services/xorg.scm (xinitrc)[builder]: Add 'close-all-fdes'.  Use
      it in 'exec-from-login-shell'.
---
 gnu/services/xorg.scm |   12 ++++++++++++
 1 files changed, 12 insertions(+), 0 deletions(-)

diff --git a/gnu/services/xorg.scm b/gnu/services/xorg.scm
index 69a8958..bc17748 100644
--- a/gnu/services/xorg.scm
+++ b/gnu/services/xorg.scm
@@ -155,6 +155,13 @@ which should be passed to this script as the first 
argument.  If not, the
     #~(begin
         (use-modules (ice-9 match))
 
+        (define (close-all-fdes)
+          ;; Close all the open file descriptors.
+          (let loop ((fd 0))
+            (when (< fd 4096)               ;FIXME: use sysconf + _SC_OPEN_MAX
+              (false-if-exception (close-fdes fd))
+              (loop (+ 1 fd)))))
+
         (define (exec-from-login-shell command . args)
           ;; Run COMMAND from a login shell so that it gets to see the same
           ;; environment variables that one gets when logging in on a tty, for
@@ -163,6 +170,11 @@ which should be passed to this script as the first 
argument.  If not, the
                  (shell (passwd:shell pw))
                  (st    (stat command #f)))
             (when (and st (not (zero? (logand (stat:mode st) #o100))))
+              ;; Close any open file descriptors.  This is all the more
+              ;; important that SLiM itself exec's us directly without closing
+              ;; its own file descriptors!
+              (close-all-fdes)
+
               ;; The '--login' option is supported at least by Bash and zsh.
               (execl shell shell "--login" "-c"
                      (string-join (cons command args))))))
reply via email to
[Prev in Thread] Current Thread [Next in Thread]