aboutsummaryrefslogtreecommitdiff
path: root/tests
diff options
context:
space:
mode:
authorLudovic Courtès <ludo@gnu.org>2022-09-04 16:04:31 +0200
committerLudovic Courtès <ludo@gnu.org>2022-09-04 23:10:10 +0200
commit7a2acbdc5a9eed7c5dc3fe947f54fbebd89c0892 (patch)
tree76986fb2c92589dc53d21ddd73001d72af855774 /tests
parent2028419e30719e3f1f7aca3d4531f1686c3ebb62 (diff)
downloadguix-7a2acbdc5a9eed7c5dc3fe947f54fbebd89c0892.tar
guix-7a2acbdc5a9eed7c5dc3fe947f54fbebd89c0892.tar.gz
store: Open daemon connections with SOCK_CLOEXEC.
Previously, 'guix shell' for example would leak the socket that's connected to the daemon. * guix/store.scm (open-unix-domain-socket, open-inet-socket): Pass SOCK_CLOEXEC to 'socket'. * tests/guix-shell.sh: Add test.
Diffstat (limited to 'tests')
-rw-r--r--tests/guix-shell.sh10
1 files changed, 10 insertions, 0 deletions
diff --git a/tests/guix-shell.sh b/tests/guix-shell.sh
index 6340f90574..9a6b055264 100644
--- a/tests/guix-shell.sh
+++ b/tests/guix-shell.sh
@@ -38,6 +38,16 @@ guix shell --bootstrap --pure guile-bootstrap -- guile --version
# Rejecting unsupported packages.
! guix shell -s armhf-linux intelmetool -n
+# Test approximately that the child process does not inherit extra file
+# descriptors. Ideally we'd check there's nothing more than 0, 1, and 2, but
+# we cannot do that because (1) we might be inheriting additional FDs, for
+# example due to <https://issues.guix.gnu.org/57567>, and (2) Bash itself
+# opens a couple of extra FDs.
+initial_fd_list="$(echo /proc/$$/fd/*)"
+fd_list="$(guix shell --bootstrap guile-bootstrap -- \
+ "$SHELL" -c 'echo /proc/$$/fd/*')"
+test "$(echo $fd_list | wc -w)" -le "$(echo $initial_fd_list | wc -w)"
+
# Ignoring unauthorized files.
cat > "$tmpdir/guix.scm" <<EOF
This is a broken guix.scm file.