diff --git a/src/cgroup.c b/src/cgroup.c index 52bea778..04dc1a7a 100644 --- a/src/cgroup.c +++ b/src/cgroup.c @@ -323,12 +323,12 @@ static int write_oom_files() ninfo("OOM received"); if (opt_persist_path) { _cleanup_free_ char *ctr_oom_file_path = g_build_filename(opt_persist_path, "oom", NULL); - _cleanup_close_ int ctr_oom_fd = open(ctr_oom_file_path, O_CREAT, 0666); + _cleanup_close_ int ctr_oom_fd = open(ctr_oom_file_path, O_CREAT | O_CLOEXEC, 0666); if (ctr_oom_fd < 0) { nwarn("Failed to write oom file"); } } - _cleanup_close_ int oom_fd = open("oom", O_CREAT, 0666); + _cleanup_close_ int oom_fd = open("oom", O_CREAT | O_CLOEXEC, 0666); if (oom_fd < 0) { nwarn("Failed to write oom file"); } diff --git a/src/conn_sock.c b/src/conn_sock.c index 65f08779..e5322c22 100644 --- a/src/conn_sock.c +++ b/src/conn_sock.c @@ -179,7 +179,7 @@ static char *setup_socket(int *fd, const char *path) if (dname == NULL) pexitf("Cannot get dirname for %s", csname); - sfd = open(dname, O_CREAT | O_PATH, 0600); + sfd = open(dname, O_CREAT | O_PATH | O_CLOEXEC, 0600); if (sfd < 0) pexit("Failed to create file for console-socket"); @@ -271,7 +271,7 @@ static char *bind_unix_socket(char *socket_relative_name, int sock_type, mode_t * the corresponding entry in `/proc/self/fd` to act as the path to base_path, then we use the socket_relative_name * to actually refer to the file where the socket will be created below. */ - _cleanup_close_ int parent_dir_fd = open(parent_dir, O_PATH); + _cleanup_close_ int parent_dir_fd = open(parent_dir, O_PATH | O_CLOEXEC); if (parent_dir_fd < 0) pexitf("failed to open socket path parent dir %s", parent_dir); diff --git a/src/oom.c b/src/oom.c index 2517eef7..bc0a1dd8 100644 --- a/src/oom.c +++ b/src/oom.c @@ -1,3 +1,5 @@ +#define _GNU_SOURCE + #include "oom.h" #include "utils.h" @@ -11,7 +13,7 @@ static void write_oom_adjust(int oom_score, int *old_value) { #ifdef __linux__ char fmt_oom_score[16]; - int oom_score_fd = open("/proc/self/oom_score_adj", O_RDWR); + int oom_score_fd = open("/proc/self/oom_score_adj", O_RDWR | O_CLOEXEC); if (oom_score_fd < 0) { ndebugf("failed to open /proc/self/oom_score_adj: %s\n", strerror(errno)); return;