catatonit 0.1.6
This release fixes two issues found by @alexlarsson and fixed by @guiseppe:

- Container-based socket activation support with runc sets LISTEN_PID=1 when
  forwarding socket-activation-related file descriptors, but with catatonit
  this doesn't work because catatonit is pid1 not the actual container
  process. As such, catatonit will now rewrite the LISTEN_PIDS environment
  variable to equal the pid2 pid if LISTEN_PIDS is equal to the pid of
  catatonit.
- File descriptors passed to the pid2 process were not closed by catatonit
  after starting pid2 which could lead to several negative scenarios (such as
  resources being kept around unnecessarily). Now catatonit will close all >=3
  file descriptors after spawning the child process.

And a miscellaneous issue about a file handle for /dev/tty being leaked to pid2
because O_CLOEXEC wasn't set (in the original Rust version O_CLOEXEC isn't
necessary because that's the default setting for Rust file handles).

Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
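
The two fixes above, sketched as an added example (not catatonit's own code): a forked pid2 retargets `LISTEN_PID` to itself when it names the init, and the init closes every descriptor >= 3 once pid2 holds its copies. The function names, the `/dev/null` descriptor standing in for an activation socket on fd 3, and the `/proc/self/fd` walk are assumptions of this sketch.

```c
#define _GNU_SOURCE
#include <dirent.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/wait.h>
#include <unistd.h>

/* pid2 side, before exec: retarget LISTEN_PID only if it names the init. */
static void rewrite_listen_pid(pid_t init_pid) {
	const char *val = getenv("LISTEN_PID");
	char buf[32];
	/* Leave it alone when unset or addressed to some other process. */
	if (!val || strtol(val, NULL, 10) != (long)init_pid) return;
	snprintf(buf, sizeof(buf), "%ld", (long)getpid());
	setenv("LISTEN_PID", buf, 1);
}

/* init side, after fork: close every inherited descriptor >= lowfd (Linux). */
static void close_fds_from(int lowfd) {
	DIR *dir = opendir("/proc/self/fd");
	struct dirent *ent;
	while (dir && (ent = readdir(dir)) != NULL) {
		int fd = atoi(ent->d_name); /* "." and ".." parse as 0 */
		if (fd >= lowfd && fd != dirfd(dir)) close(fd);
	}
	if (dir) closedir(dir);
}

/* 0 = pid2 kept fd 3 with LISTEN_PID == its own pid, and init dropped fd 3. */
int demo(void) {
	int status = 0;
	pid_t init = fork(); /* constructed stand-in for the init process */
	if (init == 0) {
		char buf[32];
		pid_t self = getpid(), pid2;
		/* Constructed sample "socket" on fd 3, the first activation fd. */
		if (dup2(open("/dev/null", O_RDONLY), 3) < 0) _exit(4);
		snprintf(buf, sizeof(buf), "%ld", (long)self);
		setenv("LISTEN_PID", buf, 1); /* as the runtime set it for init */
		if ((pid2 = fork()) == 0) {
			rewrite_listen_pid(self);
			_exit(atol(getenv("LISTEN_PID")) != getpid() || fcntl(3, F_GETFD) == -1);
		}
		close_fds_from(3);
		if (waitpid(pid2, &status, 0) <= 0 || !WIFEXITED(status)) _exit(4);
		_exit(WEXITSTATUS(status) | ((fcntl(3, F_GETFD) != -1) << 1));
	}
	if (waitpid(init, &status, 0) <= 0 || !WIFEXITED(status)) return -1;
	return WEXITSTATUS(status);
}
int main(void) { return demo(); }
```

A return value with bit 0 set means pid2 would have rejected the sockets (the `LISTEN_PID` mismatch), and bit 1 set means the init still held its copy of fd 3.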