about summary refs log tree commit homepage
path: root/lib
diff options
context:
space:
mode:
authorEric Wong <normalperson@yhbt.net>2009-04-01 11:32:47 -0700
committerEric Wong <normalperson@yhbt.net>2009-04-01 11:32:47 -0700
commite3a6639e270157c4fdc4112a6996c9e7d74acedd (patch)
tree725f8001440f732890b7366f1c53cda2817a4fc6 /lib
parent5c5cff9ab839b32d32f762eedc94ab39acde663c (diff)
downloadunicorn-e3a6639e270157c4fdc4112a6996c9e7d74acedd.tar.gz
Prevent subtle leaks here, too.
Diffstat (limited to 'lib')
-rw-r--r--lib/unicorn.rb5
1 files changed, 5 insertions, 0 deletions
diff --git a/lib/unicorn.rb b/lib/unicorn.rb
index 3bdbb3a..00012f7 100644
--- a/lib/unicorn.rb
+++ b/lib/unicorn.rb
@@ -429,6 +429,7 @@ module Unicorn
       @listeners.each { |sock| sock.fcntl(Fcntl::F_SETFD, Fcntl::FD_CLOEXEC) }
       ENV.delete('UNICORN_FD')
       @after_fork.call(self, worker.nr) if @after_fork
+      worker.tempfile.fcntl(Fcntl::F_SETFD, Fcntl::FD_CLOEXEC)
       @request = HttpRequest.new(logger)
     end
 
@@ -448,6 +449,8 @@ module Unicorn
         @listeners.each { |sock| sock.close rescue nil } # break IO.select
       end
       reopen_logs, (rd, wr) = false, IO.pipe
+      rd.fcntl(Fcntl::F_SETFD, Fcntl::FD_CLOEXEC)
+      wr.fcntl(Fcntl::F_SETFD, Fcntl::FD_CLOEXEC)
       trap(:USR1) { reopen_logs = true; rd.close rescue nil } # break IO.select
       @logger.info "worker=#{worker.nr} ready"
 
@@ -459,6 +462,8 @@ module Unicorn
           @logger.info "worker=#{worker.nr} done rotating logs"
           wr.close rescue nil
           rd, wr = IO.pipe
+          rd.fcntl(Fcntl::F_SETFD, Fcntl::FD_CLOEXEC)
+          wr.fcntl(Fcntl::F_SETFD, Fcntl::FD_CLOEXEC)
         end
         # we're a goner in @timeout seconds anyways if tempfile.chmod
         # breaks, so don't trap the exception.  Using fchmod() since