summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorsersut <serdar@opscode.com>2013-04-16 09:35:07 -0700
committersersut <serdar@opscode.com>2013-04-16 09:35:07 -0700
commitfc9f845dc5e91c19008781b4cbb5d42eb1d1e669 (patch)
treebe9cc2503aa8e36b9e08a997f695c7c08647fa8a /lib
parent6061e84ec5a1aca932746ec631ae903e89cd0f97 (diff)
downloadmixlib-shellout-fc9f845dc5e91c19008781b4cbb5d42eb1d1e669.tar.gz
Clean inherited file descriptors from the parent while forking subprocess.
Diffstat (limited to 'lib')
-rw-r--r--lib/mixlib/shellout/unix.rb22
1 files changed, 22 insertions, 0 deletions
diff --git a/lib/mixlib/shellout/unix.rb b/lib/mixlib/shellout/unix.rb
index 776169d..d7082e1 100644
--- a/lib/mixlib/shellout/unix.rb
+++ b/lib/mixlib/shellout/unix.rb
@@ -178,6 +178,26 @@ module Mixlib
STDIN.sync = true if input
end
+ # When a new process is started with chef, it shares the file
+ # descriptors of the parent. We clean the file descriptors
+ # coming from the parent to prevent unintended locking if parent
+ # is killed.
+ # NOTE: After some discussions we've decided to iterate on file
+ # descriptors upto 256. We believe this is a reasonable upper
+ # limit in a chef environment. If we have issues in the future this
+ # number could be made to be configurable or updated based on
+ # the ulimit based on platform.
+ def clean_parent_file_descriptors
+ # Don't clean $stdin, $stdout, $stderr, process_status_pipe.
+ # Also 3 & 4 is reserved by RubyVM
+ 5.upto(256) do |n|
+ fd = File.for_fd(n) rescue nil
+ if fd && process_status_pipe.last.to_i != n
+ fd.close
+ end
+ end
+ end
+
def configure_parent_process_file_descriptors
# Close the sides of the pipes we don't care about
stdin_pipe.first.close
@@ -231,6 +251,8 @@ module Mixlib
fork do
configure_subprocess_file_descriptors
+ clean_parent_file_descriptors
+
set_group
set_user
set_environment