Close extraneous file descriptors in containers
Without this patch, containers inherit the open file descriptors of the daemon, so my "exec 42>&2" allows us to "echo >&42 some nasty error with some bad advice" directly into the daemon log. :) Also, "hack/dind" was already doing this due to issues caused by the inheritance, so I'm removing that hack too since this patch obsoletes it by generalizing it for all containers. Docker-DCO-1.1-Signed-off-by: Andrew Page <admwiggin@gmail.com> (github: tianon)
This commit is contained in:
Tianon Gravi
parent
5479a8e86f
commit
c1dad4d063
3 changed files with 56 additions and 2 deletions
12
system/fds_unsupported.go
Normal file
12
system/fds_unsupported.go
Normal file
|
|
@ -0,0 +1,12 @@
|
|||
// +build !linux
|
||||
|
||||
package system
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"runtime"
|
||||
)
|
||||
|
||||
func CloseFdsFrom(minFd int) error {
|
||||
return fmt.Errorf("CloseFdsFrom is unsupported on this platform (%s/%s)", runtime.GOOS, runtime.GOARCH)
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue