wroclaw-git-backups/nix
1
0
Fork 0
mirror of https://github.com/NixOS/nix synced 2025-07-06 05:01:48 +02:00
Code Activity

libutil: rename and optimize closeMostFDs

Browse source 
this is only used to close non-stdio files in derivation sandboxes. we
may as well encode that in its name, drop the unnecessary integer set,
and use close_range to deal with the actual closing of files. not only
is this clearer, it also makes sandbox setup on linux fast by 1ms each

(cherry-picked and adapted from
c7d97802e4)

Co-authored-by: Eelco Dolstra <edolstra@gmail.com>
Co-authored-by: Cole Helbling <cole.e.helbling@outlook.com>
Co-authored-by: John Ericson <git@JohnEricson.me>
This commit is contained in:
eldritch horrors 2024-08-09 21:17:52 +02:00 committed by Jörg Thalheim
parent af26fe3934
commit 03b258bf97
3 changed files with 28 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

4
src/libutil/file-descriptor.hh
View file

@ -143,10 +143,10 @@ public:
namespace unix {
/**
* Close all file descriptors except those listed in the given set.
* Close all file descriptors except stdio fds (ie 0, 1, 2).
* Good practice in child processes.
*/
void closeMostFDs(const std::set<Descriptor> & exceptions);
void closeExtraFDs();
/**
* Set the close-on-exec flag for the given file descriptor.