On Thu, Aug 16, 2012 at 05:16:50PM -0600, Eric Blake wrote: > On 08/09/2012 09:20 AM, Daniel P. Berrange wrote: > > From: "Daniel P. Berrange" <berrange@xxxxxxxxxx> > > > > Add two new APIs virNetSocketNewPostExecRestart and > > virNetSocketPreExecRestart which allow a virNetSocketPtr > > object to be created from a JSON object and saved to a > > JSON object, for the purpose of re-exec'ing a process. > > > > As well as saving the state in JSON format, the second > > method will disable the O_CLOEXEC flag so that the open > > file descriptors are preserved across the process re-exec() > > Same problem as 12/23 regarding _when_ you clear O_CLOEXEC. > > > > > Since it is not possible to serialize SASL or TLS encryption > > state, an error will be raised if attempting to perform > > serialization on non-raw sockets > > > > Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> > > --- > > src/libvirt_private.syms | 2 + > > src/rpc/virnetsocket.c | 108 +++++++++++++++++++++++++++++++++++++++++++++++ > > src/rpc/virnetsocket.h | 6 +++ > > 3 files changed, 116 insertions(+) > > > > > > > +virNetSocketPtr virNetSocketNewPostExecRestart(virJSONValuePtr object) > > +{ > > + virSocketAddr localAddr; > > + virSocketAddr remoteAddr; > > + int fd, thepid, errfd; > > + bool isClient; > > + > > + if (virJSONValueObjectGetNumberInt(object, "fd", &fd) < 0) { > > + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", > > + _("Missing fd data in JSON document")); > > + return NULL; > > + } > > + > > + if (virJSONValueObjectGetNumberInt(object, "pid", &thepid) < 0) { > > + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", > > + _("Missing pid data in JSON document")); > > + return NULL; > > + } > > + > > + if (virJSONValueObjectGetNumberInt(object, "errfd", &errfd) < 0) { > > + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", > > + _("Missing errfd data in JSON document")); > > + return NULL; > > + } > > Do you need to re-enable FD_CLOEXEC on fd and errfd at this point? In the scenario in which it is valid to call these APIs, the only thing the caller can do is to exit(), so I'd say we don't need to deal with re-enabling FD_CLOEXEC Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list