34 lines
1.1 KiB
Diff
34 lines
1.1 KiB
Diff
From b7bcb1b3b953c2052e2d89cb2b3e9d9ccd1b3864 Mon Sep 17 00:00:00 2001
|
|
From: Rob Crittenden <rcritten@redhat.com>
|
|
Date: Thu, 10 Oct 2019 16:28:18 -0400
|
|
Subject: [PATCH] Don't close STDOUT when calling the CA fetch_roots function
|
|
|
|
cm_subproc_mark_most_cloexec() now closes all open file
|
|
descriptors except for up to three requested for stdin, stdout
|
|
and stderr. Before the optimization those three were always
|
|
left open.
|
|
|
|
This was causing errors in the IPA helper ipa-server-guard
|
|
because it tries to display the contents of stderr which was
|
|
always being closed, causing ipa-server-guard to blow up.
|
|
---
|
|
src/cadata.c | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git a/src/cadata.c b/src/cadata.c
|
|
index eb87eb76..3e916c96 100644
|
|
--- a/src/cadata.c
|
|
+++ b/src/cadata.c
|
|
@@ -109,7 +109,7 @@ fetch(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry, void *data)
|
|
}
|
|
return -1;
|
|
}
|
|
- cm_subproc_mark_most_cloexec(STDOUT_FILENO, -1, -1);
|
|
+ cm_subproc_mark_most_cloexec(STDOUT_FILENO, STDERR_FILENO, -1);
|
|
cm_log(1, "Running enrollment/cadata helper \"%s\".\n", argv[0]);
|
|
execvp(argv[0], argv);
|
|
u = errno;
|
|
--
|
|
2.21.0
|
|
|