validate fds --preserve-fds

validate file descriptors passed from podman run and podman exec --preserve-fds. Signed-off-by: Qi Wang <qiwan@redhat.com>
author: Qi Wang <qiwan@redhat.com> 2020-07-31 10:17:08 -0400
committer: Qi Wang <qiwan@redhat.com> 2020-08-04 15:09:17 -0400
commit: 34e82f81bdbdd26b82501bc2d27d18aaab5747dd (patch)
tree: ed55fcaa4134fd868af07ff981af5d0eb5e4c809 /pkg/rootless/rootless_linux.go
parent: d4cf3c589d09dd395a3b63e82f5a5c198535cb46 (diff)
download: podman-34e82f81bdbdd26b82501bc2d27d18aaab5747dd.tar.gz
podman-34e82f81bdbdd26b82501bc2d27d18aaab5747dd.tar.bz2
podman-34e82f81bdbdd26b82501bc2d27d18aaab5747dd.zip
1 files changed, 6 insertions, 0 deletions
diff --git a/pkg/rootless/rootless_linux.go b/pkg/rootless/rootless_linux.go
index ccc8a1d94..c3f1fc7fa 100644
--- a/pkg/rootless/rootless_linux.go
+++ b/pkg/rootless/rootless_linux.go
@@ -32,6 +32,7 @@ extern uid_t rootless_gid();
 extern int reexec_in_user_namespace(int ready, char *pause_pid_file_path, char *file_to_read, int fd);
 extern int reexec_in_user_namespace_wait(int pid, int options);
 extern int reexec_userns_join(int pid, char *pause_pid_file_path);
+extern int is_fd_inherited(int fd);
 */
 import "C"
 
@@ -520,3 +521,8 @@ func ConfigurationMatches() (bool, error) {
 
 	return matches(GetRootlessGID(), gids, currentGIDs), nil
 }
+
+// IsFdInherited checks whether the fd is opened and valid to use
+func IsFdInherited(fd int) bool {
+	return int(C.is_fd_inherited(C.int(fd))) > 0
+}
author	Qi Wang <qiwan@redhat.com>	2020-07-31 10:17:08 -0400
committer	Qi Wang <qiwan@redhat.com>	2020-08-04 15:09:17 -0400
commit	34e82f81bdbdd26b82501bc2d27d18aaab5747dd (patch)
tree	ed55fcaa4134fd868af07ff981af5d0eb5e4c809 /pkg/rootless/rootless_linux.go
parent	d4cf3c589d09dd395a3b63e82f5a5c198535cb46 (diff)
download	podman-34e82f81bdbdd26b82501bc2d27d18aaab5747dd.tar.gz podman-34e82f81bdbdd26b82501bc2d27d18aaab5747dd.tar.bz2 podman-34e82f81bdbdd26b82501bc2d27d18aaab5747dd.zip