diff options
Diffstat (limited to 'src/nspawn/nspawn-setuid.c')
-rw-r--r-- | src/nspawn/nspawn-setuid.c | 5 |
1 files changed, 1 insertions, 4 deletions
diff --git a/src/nspawn/nspawn-setuid.c b/src/nspawn/nspawn-setuid.c index e396d66441..5772d96b2f 100644 --- a/src/nspawn/nspawn-setuid.c +++ b/src/nspawn/nspawn-setuid.c @@ -12,7 +12,6 @@ #include "mkdir.h" #include "nspawn-setuid.h" #include "process-util.h" -#include "rlimit-util.h" #include "signal-util.h" #include "string-util.h" #include "strv.h" @@ -29,7 +28,7 @@ static int spawn_getent(const char *database, const char *key, pid_t *rpid) { if (pipe2(pipe_fds, O_CLOEXEC) < 0) return log_error_errno(errno, "Failed to allocate pipe: %m"); - r = safe_fork("(getent)", FORK_RESET_SIGNALS|FORK_DEATHSIG|FORK_LOG, &pid); + r = safe_fork("(getent)", FORK_RESET_SIGNALS|FORK_DEATHSIG|FORK_LOG|FORK_RLIMIT_NOFILE_SAFE, &pid); if (r < 0) { safe_close_pair(pipe_fds); return r; @@ -44,8 +43,6 @@ static int spawn_getent(const char *database, const char *key, pid_t *rpid) { (void) close_all_fds(NULL, 0); - (void) rlimit_nofile_safe(); - execle("/usr/bin/getent", "getent", database, key, NULL, &empty_env); execle("/bin/getent", "getent", database, key, NULL, &empty_env); _exit(EXIT_FAILURE); |