From: Junio C Hamano <gitster@pobox.com>
To: "Paul Tarjan via GitGitGadget" <gitgitgadget@gmail.com>
Cc: git@vger.kernel.org, Patrick Steinhardt <ps@pks.im>,
Paul Tarjan <paul@paultarjan.com>,
Paul Tarjan <github@paulisageek.com>
Subject: Re: [PATCH v8 08/12] run-command: add close_fd_above_stderr option
Date: Wed, 04 Mar 2026 12:51:00 -0800 [thread overview]
Message-ID: <xmqq8qc771zf.fsf@gitster.g> (raw)
In-Reply-To: <29a6461915ce9d2abedb29e475d589bb8d24934a.1772648125.git.gitgitgadget@gmail.com> (Paul Tarjan via GitGitGadget's message of "Wed, 04 Mar 2026 18:15:21 +0000")
"Paul Tarjan via GitGitGadget" <gitgitgadget@gmail.com> writes:
> From: Paul Tarjan <github@paulisageek.com>
>
> Add a new option to struct child_process that closes file descriptors
> 3 and above in the child after forking but before exec. Without this,
> long-running child processes inherit pipe endpoints and other
> descriptors from the parent environment.
>
> The upper bound for the fd scan comes from sysconf(_SC_OPEN_MAX),
> capped at 4096 to avoid excessive iteration when the limit is set
> very high.
>
> Signed-off-by: Paul Tarjan <github@paulisageek.com>
> ---
> run-command.c | 11 +++++++++++
> run-command.h | 9 +++++++++
> 2 files changed, 20 insertions(+)
>
> diff --git a/run-command.c b/run-command.c
> index e3e02475cc..cbadcf5ff8 100644
> --- a/run-command.c
> +++ b/run-command.c
> @@ -832,6 +832,17 @@ fail_pipe:
> child_close(cmd->out);
> }
>
> + if (cmd->close_fd_above_stderr) {
> + long max_fd = sysconf(_SC_OPEN_MAX);
> + int fd;
> + if (max_fd < 0 || max_fd > 4096)
> + max_fd = 4096;
> + for (fd = 3; fd < max_fd; fd++) {
> + if (fd != child_notifier)
> + close(fd);
> + }
> + }
> +
> if (cmd->dir && chdir(cmd->dir))
> child_die(CHILD_ERR_CHDIR);
The need for this particular "close file descriptors other than the
standard ones" may be common enough that I do not mind to have it
inside "run-command.c", but I wonder if a generic callback function
to call here in the child between fork and exec that the caller can
supply would be a good thing to have. Then, any caller who may want
to set close_fd_above_stderr could instead prepare a callback that
does the body of the above if statement themselves.
> diff --git a/run-command.h b/run-command.h
> index 0df25e445f..a1aa1b1069 100644
> --- a/run-command.h
> +++ b/run-command.h
> @@ -141,6 +141,15 @@ struct child_process {
> unsigned stdout_to_stderr:1;
> unsigned clean_on_exit:1;
> unsigned wait_after_clean:1;
> +
> + /**
> + * Close file descriptors 3 and above in the child after forking
> + * but before exec. This prevents the long-running child from
> + * inheriting pipe endpoints or other descriptors from the parent
> + * environment (e.g., the test harness).
> + */
> + unsigned close_fd_above_stderr:1;
> +
> void (*clean_on_exit_handler)(struct child_process *process);
> };
next prev parent reply other threads:[~2026-03-04 20:51 UTC|newest]
Thread overview: 129+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-12-30 8:14 [PATCH] fsmonitor: implement filesystem change listener for Linux Paul Tarjan via GitGitGadget
2025-12-30 11:38 ` Junio C Hamano
2025-12-30 12:08 ` [PATCH v2] " Paul Tarjan via GitGitGadget
2025-12-30 12:55 ` [PATCH v3] " Paul Tarjan via GitGitGadget
2025-12-31 17:41 ` [PATCH v4] " Paul Tarjan via GitGitGadget
2026-01-05 12:07 ` Patrick Steinhardt
2026-02-20 22:18 ` Junio C Hamano
2026-02-21 16:15 ` Paul Tarjan
2026-02-21 17:07 ` Junio C Hamano
2026-02-23 6:34 ` Patrick Steinhardt
2026-02-23 15:42 ` Junio C Hamano
2026-02-23 15:46 ` Patrick Steinhardt
2026-02-24 1:34 ` Paul Tarjan
2026-02-24 8:03 ` Patrick Steinhardt
2026-02-24 1:31 ` [PATCH v5] " Paul Tarjan via GitGitGadget
2026-02-24 8:03 ` Patrick Steinhardt
2026-02-25 20:17 ` [PATCH v6 00/10] " Paul Tarjan via GitGitGadget
2026-02-25 20:17 ` [PATCH v6 01/10] fsmonitor: fix khash memory leak in do_handle_client Paul Tarjan via GitGitGadget
2026-02-25 21:01 ` Junio C Hamano
2026-02-25 20:17 ` [PATCH v6 02/10] fsmonitor: fix hashmap memory leak in fsmonitor_run_daemon Paul Tarjan via GitGitGadget
2026-02-25 20:17 ` [PATCH v6 03/10] compat/win32: add pthread_cond_timedwait Paul Tarjan via GitGitGadget
2026-02-25 20:17 ` [PATCH v6 04/10] fsmonitor: use pthread_cond_timedwait for cookie wait Paul Tarjan via GitGitGadget
2026-02-25 21:13 ` Junio C Hamano
2026-02-27 6:31 ` Paul Tarjan
2026-02-27 16:44 ` Junio C Hamano
2026-02-28 0:28 ` Paul Tarjan
2026-02-25 21:17 ` Junio C Hamano
2026-02-27 6:31 ` Paul Tarjan
2026-02-25 20:17 ` [PATCH v6 05/10] fsmonitor: deduplicate IPC path logic for Unix platforms Paul Tarjan via GitGitGadget
2026-02-25 21:30 ` Junio C Hamano
2026-02-27 6:31 ` Paul Tarjan
2026-02-25 20:17 ` [PATCH v6 06/10] fsmonitor: deduplicate settings " Paul Tarjan via GitGitGadget
2026-02-25 21:31 ` Junio C Hamano
2026-02-27 6:31 ` Paul Tarjan
2026-02-25 20:17 ` [PATCH v6 07/10] fsmonitor: implement filesystem change listener for Linux Paul Tarjan via GitGitGadget
2026-02-25 20:17 ` [PATCH v6 08/10] fsmonitor: add tests " Paul Tarjan via GitGitGadget
2026-02-25 20:17 ` [PATCH v6 09/10] run-command: add close_fd_above_stderr option Paul Tarjan via GitGitGadget
2026-02-25 21:41 ` Junio C Hamano
2026-02-25 20:17 ` [PATCH v6 10/10] fsmonitor: close inherited file descriptors and detach in daemon Paul Tarjan via GitGitGadget
2026-02-26 0:27 ` [PATCH v7 00/10] fsmonitor: implement filesystem change listener for Linux Paul Tarjan via GitGitGadget
2026-02-26 0:27 ` [PATCH v7 01/10] fsmonitor: fix khash memory leak in do_handle_client Paul Tarjan via GitGitGadget
2026-03-04 7:42 ` Patrick Steinhardt
2026-03-04 18:17 ` Paul Tarjan
2026-02-26 0:27 ` [PATCH v7 02/10] fsmonitor: fix hashmap memory leak in fsmonitor_run_daemon Paul Tarjan via GitGitGadget
2026-03-04 7:42 ` Patrick Steinhardt
2026-03-04 18:17 ` Paul Tarjan
2026-02-26 0:27 ` [PATCH v7 03/10] compat/win32: add pthread_cond_timedwait Paul Tarjan via GitGitGadget
2026-03-04 7:42 ` Patrick Steinhardt
2026-03-04 18:17 ` Paul Tarjan
2026-02-26 0:27 ` [PATCH v7 04/10] fsmonitor: use pthread_cond_timedwait for cookie wait Paul Tarjan via GitGitGadget
2026-03-04 7:42 ` Patrick Steinhardt
2026-03-04 18:17 ` Paul Tarjan
2026-02-26 0:27 ` [PATCH v7 05/10] fsmonitor: deduplicate IPC path logic for Unix platforms Paul Tarjan via GitGitGadget
2026-03-04 7:42 ` Patrick Steinhardt
2026-03-04 18:17 ` Paul Tarjan
2026-02-26 0:27 ` [PATCH v7 06/10] fsmonitor: deduplicate settings " Paul Tarjan via GitGitGadget
2026-03-04 7:43 ` Patrick Steinhardt
2026-03-04 18:17 ` Paul Tarjan
2026-02-26 0:27 ` [PATCH v7 07/10] fsmonitor: implement filesystem change listener for Linux Paul Tarjan via GitGitGadget
2026-03-04 7:43 ` Patrick Steinhardt
2026-03-04 18:17 ` Paul Tarjan
2026-02-26 0:27 ` [PATCH v7 08/10] fsmonitor: add tests " Paul Tarjan via GitGitGadget
2026-03-04 7:43 ` Patrick Steinhardt
2026-03-04 18:17 ` Paul Tarjan
2026-02-26 0:27 ` [PATCH v7 09/10] run-command: add close_fd_above_stderr option Paul Tarjan via GitGitGadget
2026-02-26 0:27 ` [PATCH v7 10/10] fsmonitor: close inherited file descriptors and detach in daemon Paul Tarjan via GitGitGadget
2026-03-04 7:43 ` Patrick Steinhardt
2026-03-04 18:17 ` Paul Tarjan
2026-02-26 15:34 ` [PATCH v7 00/10] fsmonitor: implement filesystem change listener for Linux Junio C Hamano
2026-03-04 18:15 ` [PATCH v8 00/12] " Paul Tarjan via GitGitGadget
2026-03-04 18:15 ` [PATCH v8 01/12] fsmonitor: fix khash memory leak in do_handle_client Paul Tarjan via GitGitGadget
2026-03-04 18:15 ` [PATCH v8 02/12] fsmonitor: fix hashmap memory leak in fsmonitor_run_daemon Paul Tarjan via GitGitGadget
2026-03-04 18:15 ` [PATCH v8 03/12] compat/win32: add pthread_cond_timedwait Paul Tarjan via GitGitGadget
2026-03-04 18:15 ` [PATCH v8 04/12] fsmonitor: use pthread_cond_timedwait for cookie wait Paul Tarjan via GitGitGadget
2026-03-04 18:15 ` [PATCH v8 05/12] fsmonitor: rename fsm-ipc-darwin.c to fsm-ipc-unix.c Paul Tarjan via GitGitGadget
2026-03-04 18:15 ` [PATCH v8 06/12] fsmonitor: rename fsm-settings-darwin.c to fsm-settings-unix.c Paul Tarjan via GitGitGadget
2026-03-04 18:15 ` [PATCH v8 07/12] fsmonitor: implement filesystem change listener for Linux Paul Tarjan via GitGitGadget
2026-03-04 18:15 ` [PATCH v8 08/12] run-command: add close_fd_above_stderr option Paul Tarjan via GitGitGadget
2026-03-04 20:51 ` Junio C Hamano [this message]
2026-03-05 0:49 ` [PATCH v8 09/12] " Paul Tarjan
2026-03-05 4:13 ` Junio C Hamano
2026-03-05 6:38 ` [PATCH v9 09/12] run-command: add pre-exec callback for child processes Paul Tarjan
2026-03-04 18:15 ` [PATCH v8 09/12] fsmonitor: close inherited file descriptors and detach in daemon Paul Tarjan via GitGitGadget
2026-03-04 18:15 ` [PATCH v8 10/12] fsmonitor: add timeout to daemon stop command Paul Tarjan via GitGitGadget
2026-03-04 18:15 ` [PATCH v8 11/12] fsmonitor: add tests for Linux Paul Tarjan via GitGitGadget
2026-03-04 18:15 ` [PATCH v8 12/12] fsmonitor: convert shown khash to strset in do_handle_client Paul Tarjan via GitGitGadget
2026-03-05 0:51 ` [PATCH v9 00/12] fsmonitor: implement filesystem change listener for Linux Paul Tarjan via GitGitGadget
2026-03-05 0:51 ` [PATCH v9 01/12] fsmonitor: fix khash memory leak in do_handle_client Paul Tarjan via GitGitGadget
2026-03-05 0:51 ` [PATCH v9 02/12] fsmonitor: fix hashmap memory leak in fsmonitor_run_daemon Paul Tarjan via GitGitGadget
2026-03-05 0:51 ` [PATCH v9 03/12] compat/win32: add pthread_cond_timedwait Paul Tarjan via GitGitGadget
2026-03-05 0:51 ` [PATCH v9 04/12] fsmonitor: use pthread_cond_timedwait for cookie wait Paul Tarjan via GitGitGadget
2026-03-05 0:51 ` [PATCH v9 05/12] fsmonitor: rename fsm-ipc-darwin.c to fsm-ipc-unix.c Paul Tarjan via GitGitGadget
2026-03-05 0:51 ` [PATCH v9 06/12] fsmonitor: rename fsm-settings-darwin.c to fsm-settings-unix.c Paul Tarjan via GitGitGadget
2026-03-05 0:51 ` [PATCH v9 07/12] fsmonitor: implement filesystem change listener for Linux Paul Tarjan via GitGitGadget
2026-03-05 0:51 ` [PATCH v9 08/12] run-command: add pre-exec callback for child processes Paul Tarjan via GitGitGadget
2026-03-05 0:51 ` [PATCH v9 09/12] fsmonitor: close inherited file descriptors and detach in daemon Paul Tarjan via GitGitGadget
2026-03-05 0:51 ` [PATCH v9 10/12] fsmonitor: add timeout to daemon stop command Paul Tarjan via GitGitGadget
2026-03-05 0:51 ` [PATCH v9 11/12] fsmonitor: add tests for Linux Paul Tarjan via GitGitGadget
2026-03-05 0:52 ` [PATCH v9 12/12] fsmonitor: convert shown khash to strset in do_handle_client Paul Tarjan via GitGitGadget
2026-03-05 1:16 ` [PATCH v10 00/12] fsmonitor: implement filesystem change listener for Linux Paul Tarjan via GitGitGadget
2026-03-05 1:16 ` [PATCH v10 01/12] fsmonitor: fix khash memory leak in do_handle_client Paul Tarjan via GitGitGadget
2026-03-05 1:16 ` [PATCH v10 02/12] fsmonitor: fix hashmap memory leak in fsmonitor_run_daemon Paul Tarjan via GitGitGadget
2026-03-05 1:16 ` [PATCH v10 03/12] compat/win32: add pthread_cond_timedwait Paul Tarjan via GitGitGadget
2026-03-05 1:16 ` [PATCH v10 04/12] fsmonitor: use pthread_cond_timedwait for cookie wait Paul Tarjan via GitGitGadget
2026-03-05 1:16 ` [PATCH v10 05/12] fsmonitor: rename fsm-ipc-darwin.c to fsm-ipc-unix.c Paul Tarjan via GitGitGadget
2026-03-05 1:16 ` [PATCH v10 06/12] fsmonitor: rename fsm-settings-darwin.c to fsm-settings-unix.c Paul Tarjan via GitGitGadget
2026-03-05 1:16 ` [PATCH v10 07/12] fsmonitor: implement filesystem change listener for Linux Paul Tarjan via GitGitGadget
2026-03-05 1:16 ` [PATCH v10 08/12] run-command: add pre-exec callback for child processes Paul Tarjan via GitGitGadget
2026-03-05 1:16 ` [PATCH v10 09/12] fsmonitor: close inherited file descriptors and detach in daemon Paul Tarjan via GitGitGadget
2026-03-05 1:16 ` [PATCH v10 10/12] fsmonitor: add timeout to daemon stop command Paul Tarjan via GitGitGadget
2026-03-05 1:16 ` [PATCH v10 11/12] fsmonitor: add tests for Linux Paul Tarjan via GitGitGadget
2026-03-05 1:16 ` [PATCH v10 12/12] fsmonitor: convert shown khash to strset in do_handle_client Paul Tarjan via GitGitGadget
2026-03-05 6:55 ` [PATCH v11 00/12] fsmonitor: implement filesystem change listener for Linux Paul Tarjan via GitGitGadget
2026-03-05 6:55 ` [PATCH v11 01/12] fsmonitor: fix khash memory leak in do_handle_client Paul Tarjan via GitGitGadget
2026-03-05 6:55 ` [PATCH v11 02/12] fsmonitor: fix hashmap memory leak in fsmonitor_run_daemon Paul Tarjan via GitGitGadget
2026-03-05 6:55 ` [PATCH v11 03/12] compat/win32: add pthread_cond_timedwait Paul Tarjan via GitGitGadget
2026-03-05 6:55 ` [PATCH v11 04/12] fsmonitor: use pthread_cond_timedwait for cookie wait Paul Tarjan via GitGitGadget
2026-03-05 6:55 ` [PATCH v11 05/12] fsmonitor: rename fsm-ipc-darwin.c to fsm-ipc-unix.c Paul Tarjan via GitGitGadget
2026-03-05 6:55 ` [PATCH v11 06/12] fsmonitor: rename fsm-settings-darwin.c to fsm-settings-unix.c Paul Tarjan via GitGitGadget
2026-03-05 6:55 ` [PATCH v11 07/12] fsmonitor: implement filesystem change listener for Linux Paul Tarjan via GitGitGadget
2026-03-05 6:55 ` [PATCH v11 08/12] run-command: add close_fd_above_stderr option Paul Tarjan via GitGitGadget
2026-03-05 6:55 ` [PATCH v11 09/12] fsmonitor: close inherited file descriptors and detach in daemon Paul Tarjan via GitGitGadget
2026-03-05 6:55 ` [PATCH v11 10/12] fsmonitor: add timeout to daemon stop command Paul Tarjan via GitGitGadget
2026-03-05 6:55 ` [PATCH v11 11/12] fsmonitor: add tests for Linux Paul Tarjan via GitGitGadget
2026-03-05 6:55 ` [PATCH v11 12/12] fsmonitor: convert shown khash to strset in do_handle_client Paul Tarjan via GitGitGadget
2026-03-05 7:37 ` [PATCH v11 00/12] fsmonitor: implement filesystem change listener for Linux Patrick Steinhardt
2026-03-05 14:15 ` Paul Tarjan
2026-03-25 20:00 ` Junio C Hamano
2025-12-30 15:37 ` [PATCH v2] " Junio C Hamano
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=xmqq8qc771zf.fsf@gitster.g \
--to=gitster@pobox.com \
--cc=git@vger.kernel.org \
--cc=gitgitgadget@gmail.com \
--cc=github@paulisageek.com \
--cc=paul@paultarjan.com \
--cc=ps@pks.im \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox