close sockets when we exec scripts

diff --git a/common/ctdb_client.c b/common/ctdb_client.c
index 8a96dbc7caf81afb06b5e1e042359733d3d91c9f..2a47a5ed222211c8c1fd5a4e52cba60fa38bcf4c 100644 (file)
--- a/common/ctdb_client.c
+++ b/common/ctdb_client.c
@@ -174,6 +174,9 @@ int ctdb_socket_connect(struct ctdb_context *ctdb)
        if (ctdb->daemon.sd == -1) {
                return -1;
        }
+
+       set_nonblocking(ctdb->daemon.sd);
+       set_close_on_exec(ctdb->daemon.sd);
        
        if (connect(ctdb->daemon.sd, (struct sockaddr *)&addr, sizeof(addr)) == -1) {
                close(ctdb->daemon.sd);

diff --git a/common/ctdb_daemon.c b/common/ctdb_daemon.c
index a8339bb7fec0168b012a1e4ce1e638152b132d3c..3009cb5d434fe03754f1742aec9b2390992ed99b 100644 (file)
--- a/common/ctdb_daemon.c
+++ b/common/ctdb_daemon.c
@@ -101,13 +101,6 @@ static void ctdb_main_loop(struct ctdb_context *ctdb)
 }
 
 
-static void set_non_blocking(int fd)
-{
-       unsigned v;
-       v = fcntl(fd, F_GETFL, 0);
-        fcntl(fd, F_SETFL, v | O_NONBLOCK);
-}
-
 static void block_signal(int signum)
 {
        struct sigaction act;
@@ -585,7 +578,9 @@ static void ctdb_accept_client(struct event_context *ev, struct fd_event *fde,
        if (fd == -1) {
                return;
        }
-       set_non_blocking(fd);
+
+       set_nonblocking(fd);
+       set_close_on_exec(fd);
 
        client = talloc_zero(ctdb, struct ctdb_client);
        client->ctdb = ctdb;
@@ -634,6 +629,9 @@ static int ux_socket_bind(struct ctdb_context *ctdb)
                return -1;
        }
 
+       set_nonblocking(ctdb->daemon.sd);
+       set_close_on_exec(ctdb->daemon.sd);
+
 #if 0
        /* AIX doesn't like this :( */
        if (fchown(ctdb->daemon.sd, geteuid(), getegid()) != 0 ||
@@ -643,7 +641,7 @@ static int ux_socket_bind(struct ctdb_context *ctdb)
        }
 #endif
 
-       set_non_blocking(ctdb->daemon.sd);
+       set_nonblocking(ctdb->daemon.sd);
 
        memset(&addr, 0, sizeof(addr));
        addr.sun_family = AF_UNIX;

diff --git a/common/ctdb_util.c b/common/ctdb_util.c
index d88b809f1428c32ac6d1075cba2c4d5344974110..71d11734ef4fd398287e4f03c9949837f16da6ca 100644 (file)
--- a/common/ctdb_util.c
+++ b/common/ctdb_util.c
@@ -217,3 +217,18 @@ void ctdb_set_realtime(void)
        }
 #endif
 }
+
+void set_nonblocking(int fd)
+{
+       unsigned v;
+       v = fcntl(fd, F_GETFL, 0);
+        fcntl(fd, F_SETFL, v | O_NONBLOCK);
+}
+
+void set_close_on_exec(int fd)
+{
+       unsigned v;
+       v = fcntl(fd, F_GETFD, 0);
+        fcntl(fd, F_SETFD, v | FD_CLOEXEC);
+}
+

diff --git a/include/ctdb_private.h b/include/ctdb_private.h
index 92cc1a42636c65078de3194e3081bbb52be45dcf..80424a45b0061b10c917ebce746ccb4151d77d6a 100644 (file)
--- a/include/ctdb_private.h
+++ b/include/ctdb_private.h
@@ -955,6 +955,8 @@ int ctdb_event_script_callback(struct ctdb_context *ctdb,
                               const char *fmt, ...) PRINTF_ATTRIBUTE(3,4);
 void ctdb_release_all_ips(struct ctdb_context *ctdb);
 
+void set_nonblocking(int fd);
+void set_close_on_exec(int fd);
 
 
 #endif

diff --git a/tcp/tcp_connect.c b/tcp/tcp_connect.c
index fa249d5fba039821e19b425e51ed6dacb13cb899..0a9dc5106b8d8d29dc12058f3086768ab6ee2402 100644 (file)
--- a/tcp/tcp_connect.c
+++ b/tcp/tcp_connect.c
@@ -26,14 +26,6 @@
 #include "../include/ctdb_private.h"
 #include "ctdb_tcp.h"
 
-static void set_nonblocking(int fd)
-{
-       unsigned v;
-       v = fcntl(fd, F_GETFL, 0);
-        fcntl(fd, F_SETFL, v | O_NONBLOCK);
-}
-
-
 /*
   called when a complete packet has come in - should not happen on this socket
  */
@@ -134,6 +126,7 @@ void ctdb_tcp_node_connect(struct event_context *ev, struct timed_event *te,
        tnode->fd = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP);
 
        set_nonblocking(tnode->fd);
+       set_close_on_exec(tnode->fd);
 
        ZERO_STRUCT(sock_out);
 #ifdef HAVE_SOCK_SIN_LEN
@@ -213,6 +206,7 @@ static void ctdb_listen_event(struct event_context *ev, struct fd_event *fde,
        in->ctdb = ctdb;
 
        set_nonblocking(in->fd);
+       set_close_on_exec(in->fd);
 
         setsockopt(in->fd,SOL_SOCKET,SO_KEEPALIVE,(char *)&one,sizeof(one));
 
@@ -322,6 +316,8 @@ int ctdb_tcp_listen(struct ctdb_context *ctdb)
                return -1;
        }
 
+       set_close_on_exec(ctcp->listen_fd);
+
         setsockopt(ctcp->listen_fd,SOL_SOCKET,SO_REUSEADDR,(char *)&one,sizeof(one));
 
        /* we can either auto-bind to the first available address, or we can