Skip to content

Commit

Permalink
fix: add SOCK_CLOEXEC to socket creation
Browse files Browse the repository at this point in the history 
Go runtime automatically adds this flag, but when using raw syscalls, it
should be added manually.

Without this flag, the process leaks a file descriptor on fork/exec.

Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
  • Loading branch information
@smira
smira committed Oct 1, 2024
1 parent c9db2ef commit 4d51994
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion ethtool.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -964,7 +964,7 @@ func (e *Ethtool) Close() {

// NewEthtool returns a new ethtool handler
func NewEthtool() (*Ethtool, error) {
fd, err := unix.Socket(unix.AF_INET, unix.SOCK_DGRAM, unix.IPPROTO_IP)
fd, err := unix.Socket(unix.AF_INET, unix.SOCK_DGRAM|unix.SOCK_CLOEXEC, unix.IPPROTO_IP)
if err != nil {
return nil, err
}
Expand Down

2 comments on commit 4d51994

@sandykellagher
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This change breaks the build for Darwin MacOSX, for which the architecture dependent files zerrors_xxx_xxx.go in golang.org/x/sys/unix do not include unix.SOCK_CLOEXEC

@safchain
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This library is linux dependent. It is not intended to work on MacOSX.

Please sign in to comment.