diff options
author | Ludovic Courtès <ludo@gnu.org> | 2022-09-12 14:32:21 +0200 |
---|---|---|
committer | Ludovic Courtès <ludo@gnu.org> | 2022-09-13 00:31:04 +0200 |
commit | 491dd62b38e1772f3e50de58118d9b9ac97272ff (patch) | |
tree | 8b6eecfcff1637aaf3cd7612f3d84d2da72ba6b8 | |
parent | 66fdaf3677e5f7833a02096a2bcb1e9653efbb16 (diff) | |
download | guix-491dd62b38e1772f3e50de58118d9b9ac97272ff.tar.gz guix-491dd62b38e1772f3e50de58118d9b9ac97272ff.zip |
secret-service: Mark sockets as SOCK_CLOEXEC.
* gnu/build/secret-service.scm (secret-service-send-secrets)
(secret-service-receive-secrets): Pass SOCK_CLOEXEC to 'socket'.
-rw-r--r-- | gnu/build/secret-service.scm | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/gnu/build/secret-service.scm b/gnu/build/secret-service.scm index 1baa058635..b362b901be 100644 --- a/gnu/build/secret-service.scm +++ b/gnu/build/secret-service.scm @@ -119,7 +119,7 @@ wait for at most HANDSHAKE-TIMEOUT seconds for handshake to complete. Return files))) (log "sending secrets to ~a~%" port) - (let ((sock (socket AF_INET SOCK_STREAM 0)) + (let ((sock (socket AF_INET (logior SOCK_CLOEXEC SOCK_STREAM) 0)) (addr (make-socket-address AF_INET INADDR_LOOPBACK port)) (sleep (if (resolve-module '(fibers) #f) (module-ref (resolve-interface '(fibers)) 'sleep) @@ -177,7 +177,7 @@ and #f otherwise." ;; Wait for a TCP connection on PORT. Note: We cannot use the ;; virtio-serial ports, which would be safer, because they are ;; (presumably) unsupported on GNU/Hurd. - (let ((sock (socket AF_INET SOCK_STREAM 0))) + (let ((sock (socket AF_INET (logior SOCK_CLOEXEC SOCK_STREAM) 0))) (bind sock AF_INET INADDR_ANY port) (listen sock 1) (log "waiting for secrets on port ~a...~%" port) |