From ec4a4c46efaf2e7373f331654640f1321c0f2e62 Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Sat, 28 Feb 2015 22:44:31 +0100 Subject: services: xorg: Fix file descriptor leak from SLiM/xinitrc. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Previously processes started from the window manager would have a couple of leaked file descriptors: writable /var/log/slim.log and readable /gnu/store/…-xinitrc. * gnu/services/xorg.scm (xinitrc)[builder]: Add 'close-all-fdes'. Use it in 'exec-from-login-shell'. --- gnu/services/xorg.scm | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'gnu/services') diff --git a/gnu/services/xorg.scm b/gnu/services/xorg.scm index 69a89584e0..bc1774840b 100644 --- a/gnu/services/xorg.scm +++ b/gnu/services/xorg.scm @@ -155,6 +155,13 @@ (define builder #~(begin (use-modules (ice-9 match)) + (define (close-all-fdes) + ;; Close all the open file descriptors. + (let loop ((fd 0)) + (when (< fd 4096) ;FIXME: use sysconf + _SC_OPEN_MAX + (false-if-exception (close-fdes fd)) + (loop (+ 1 fd))))) + (define (exec-from-login-shell command . args) ;; Run COMMAND from a login shell so that it gets to see the same ;; environment variables that one gets when logging in on a tty, for @@ -163,6 +170,11 @@ (define (exec-from-login-shell command . args) (shell (passwd:shell pw)) (st (stat command #f))) (when (and st (not (zero? (logand (stat:mode st) #o100)))) + ;; Close any open file descriptors. This is all the more + ;; important that SLiM itself exec's us directly without closing + ;; its own file descriptors! + (close-all-fdes) + ;; The '--login' option is supported at least by Bash and zsh. (execl shell shell "--login" "-c" (string-join (cons command args)))))) -- cgit v1.2.3