Mercurial > crates > systemd-socket
comparison Cargo.toml @ 25:8e20daee41ed
Set CLOEXEC flag on the descriptors
The received systemd descriptors don't have `O_CLOEXEC` set because they
are received over `exec`. Thus if the process executes a child the child
gets polluted with the descriptors.
To prevent this, we set `O_CLOEXEC` during initialization. However this
also required restructuring of the code because `libsystemd` doesn't
provide temporary access to the descriptors - only permanent one. Thus
we have to "validate" the descriptors eagerly. We still store the
invalid ones as errors to make sure the errors get reported accurately.
| author | Martin Habovstiak <martin.habovstiak@gmail.com> |
|---|---|
| date | Fri, 28 Feb 2025 21:11:19 +0100 |
| parents | 1941e9d9819c |
| children | 0feab4f4c2ce |
comparison
equal
deleted
inserted
replaced
| 24:1941e9d9819c | 25:8e20daee41ed |
|---|---|
| 33 once_cell = "1.13.0" | 33 once_cell = "1.13.0" |
| 34 tokio = { package = "tokio", version = "1.0.0", optional = true, features = ["net"] } | 34 tokio = { package = "tokio", version = "1.0.0", optional = true, features = ["net"] } |
| 35 tokio_0_2 = { package = "tokio", version = "0.2", optional = true, features = ["tcp", "dns"] } | 35 tokio_0_2 = { package = "tokio", version = "0.2", optional = true, features = ["tcp", "dns"] } |
| 36 tokio_0_3 = { package = "tokio", version = "0.3", optional = true, features = ["net"] } | 36 tokio_0_3 = { package = "tokio", version = "0.3", optional = true, features = ["net"] } |
| 37 async-std = { version = "1.7.0", optional = true } | 37 async-std = { version = "1.7.0", optional = true } |
| 38 libc = "0.2.155" |