Commit 835a4fc
committed
Ensure fd 0 stdin </dev/null is always inheritable.
When gunicorn --daemon daemonizes the process, prior to this change it was
noted that in the general case (without -R / --enable-stdio-inheritance), when fd 0
was replaced with /dev/null, the dup2 copy is skipped, and per PEP 446
"Make newly created file descriptors non-inheritable", the result was a stdio
fd </dev/null which was non-inheritable. As a result, any launched subprocess
did not have an open 0/stdin fd, which can cause problems in some applications.
This change retains the behaviour of opening /dev/null with fd 0, but adds a call
to os.set_inheritable(..) to ensure the fd is inheritable.
The -R branch had different logic but has now been standardised with the general
case. It was previously opening /dev/null as fd 3 and the dup2() copy made it
inheritable as fd 0. This branch now applies the same logic: open as fd 0
(i.e. after close(0)), then set_inheritable. As a result, an extra fd 3 </dev/null
previously left open is no longer left open.
Signed-off-by: Brett Randall <[email protected]>1 parent e5a9715 commit 835a4fc
1 file changed
+10
-3
lines changed| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
486 | 486 | | |
487 | 487 | | |
488 | 488 | | |
| 489 | + | |
| 490 | + | |
489 | 491 | | |
| 492 | + | |
490 | 493 | | |
491 | 494 | | |
492 | 495 | | |
493 | 496 | | |
494 | 497 | | |
495 | 498 | | |
496 | 499 | | |
497 | | - | |
498 | | - | |
499 | 500 | | |
500 | 501 | | |
501 | 502 | | |
| 503 | + | |
| 504 | + | |
| 505 | + | |
| 506 | + | |
| 507 | + | |
| 508 | + | |
| 509 | + | |
502 | 510 | | |
503 | | - | |
504 | 511 | | |
505 | 512 | | |
506 | 513 | | |
| |||
0 commit comments