summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
-rw-r--r--runsc/boot/controller.go6
-rw-r--r--runsc/boot/loader.go4
2 files changed, 8 insertions, 2 deletions
diff --git a/runsc/boot/controller.go b/runsc/boot/controller.go
index 568aad117..7a1f42119 100644
--- a/runsc/boot/controller.go
+++ b/runsc/boot/controller.go
@@ -213,6 +213,12 @@ type StartArgs struct {
func (cm *containerManager) Start(args *StartArgs, _ *struct{}) error {
log.Debugf("containerManager.Start: %+v", args)
+ defer func() {
+ for _, f := range args.FilePayload.Files {
+ f.Close()
+ }
+ }()
+
// Validate arguments.
if args == nil {
return errors.New("start missing arguments")
diff --git a/runsc/boot/loader.go b/runsc/boot/loader.go
index 946ddfd47..d953bb783 100644
--- a/runsc/boot/loader.go
+++ b/runsc/boot/loader.go
@@ -515,7 +515,8 @@ func (l *Loader) createContainer(cid string) error {
}
// startContainer starts a child container. It returns the thread group ID of
-// the newly created process.
+// the newly created process. Caller owns 'files' and may close them after
+// this method returns.
func (l *Loader) startContainer(k *kernel.Kernel, spec *specs.Spec, conf *Config, cid string, files []*os.File) error {
// Create capabilities.
caps, err := specutils.Capabilities(spec.Process.Capabilities)
@@ -553,7 +554,6 @@ func (l *Loader) startContainer(k *kernel.Kernel, spec *specs.Spec, conf *Config
if err != nil {
return fmt.Errorf("failed to dup file: %v", err)
}
- f.Close()
ioFDs = append(ioFDs, fd)
}