Close non-stdio file handles when daemonizing

ntrrgc · ntrrgc · commit 8406bebac068 · 2025-02-19T11:20:55.000+01:00
Otherwise, when the compiler wrapper spawns the sccache server, the server may end up with unintended file descriptors, which can lead to unexpected problems. This is particularly problematic if any of those file descriptors that accidentally end up in the server process is a pipe, as the pipe will only be closed when all the processes with that file descriptor close it or exit. This was causing sccache to hang ninja, as ninja uses the EOF of a pipe given to the subprocess to detect when that subprocess has exited: ninja-build/ninja#2444 (comment) This patch adds a dependency on the [close_fds](https://crates.io/crates/close_fds) crate, which automatically chooses an appropriate mechanism to close a range of file descriptors. On Linux 5.9+ that mechanism will be libc::close_range(). Fixes mozilla#2313
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -136,6 +136,7 @@ thirtyfour_sync = "0.27"
 
 [target.'cfg(unix)'.dependencies]
 daemonize = "0.5"
+close_fds = "0.3.2"
 
 [target.'cfg(not(target_os = "freebsd"))'.dependencies.libmount]
 optional = true
diff --git a/src/bin/sccache-dist/main.rs b/src/bin/sccache-dist/main.rs
@@ -209,7 +209,7 @@ fn run(command: Command) -> Result<i32> {
                 }
             };
 
-            daemonize()?;
+            daemonize(None)?;
             let scheduler = Scheduler::new();
             let http_scheduler = dist::http::Scheduler::new(
                 public_addr,
diff --git a/src/commands.rs b/src/commands.rs
@@ -126,16 +126,6 @@ fn run_server_process(startup_timeout: Option<Duration>) -> Result<ServerStartup
     })
 }
 
-#[cfg(not(windows))]
-fn redirect_stderr(f: File) {
-    use libc::dup2;
-    use std::os::unix::io::IntoRawFd;
-    // Ignore errors here.
-    unsafe {
-        dup2(f.into_raw_fd(), 2);
-    }
-}
-
 #[cfg(windows)]
 fn redirect_stderr(f: File) {
     use std::os::windows::io::IntoRawHandle;
@@ -165,13 +155,6 @@ fn create_error_log() -> Result<File> {
     Ok(f)
 }
 
-/// If `SCCACHE_ERROR_LOG` is set, redirect stderr to it.
-fn redirect_error_log(f: File) -> Result<()> {
-    debug!("redirecting stderr into {:?}", f);
-    redirect_stderr(f);
-    Ok(())
-}
-
 /// Re-execute the current executable as a background server.
 #[cfg(windows)]
 fn run_server_process(startup_timeout: Option<Duration>) -> Result<ServerStartup> {
@@ -654,14 +637,15 @@ pub fn run_command(cmd: Command) -> Result<i32> {
         }
         Command::InternalStartServer => {
             trace!("Command::InternalStartServer");
+            // If `SCCACHE_ERROR_LOG` is set, redirect stderr to it.
             if env::var("SCCACHE_ERROR_LOG").is_ok() {
                 let f = create_error_log()?;
+                debug!("redirecting stderr into {:?}", f);
                 // Can't report failure here, we're already daemonized.
-                daemonize()?;
-                redirect_error_log(f)?;
+                daemonize(Some(f))?;
             } else {
                 // We aren't asking for a log file
-                daemonize()?;
+                daemonize(None)?;
             }
             server::start_server(config, &get_addr())?;
         }
diff --git a/src/util.rs b/src/util.rs
@@ -841,7 +841,7 @@ impl<'a> Hasher for HashToDigest<'a> {
 
 /// Pipe `cmd`'s stdio to `/dev/null`, unless a specific env var is set.
 #[cfg(not(windows))]
-pub fn daemonize() -> Result<()> {
+pub fn daemonize(log_file: Option<File>) -> Result<()> {
     use crate::jobserver::discard_inherited_jobserver;
     use daemonize::Daemonize;
     use std::env;
@@ -850,7 +850,18 @@ pub fn daemonize() -> Result<()> {
     match env::var("SCCACHE_NO_DAEMON") {
         Ok(ref val) if val == "1" => {}
         _ => {
-            Daemonize::new().start().context("failed to daemonize")?;
+            Daemonize::new()
+                .stderr(
+                    log_file
+                        .map(|f| f.into_parts().0.into())
+                        .unwrap_or_else(daemonize::Stdio::devnull),
+                )
+                .start()
+                .context("failed to daemonize")?;
+            // Be extra-zealous and clase all non-stdio file descriptors.
+            unsafe {
+                close_fds::close_open_fds(3, &[]);
+            }
         }
     }
 
@@ -928,7 +939,7 @@ pub fn daemonize() -> Result<()> {
 
 /// This is a no-op on Windows.
 #[cfg(windows)]
-pub fn daemonize() -> Result<()> {
+pub fn daemonize(_log_file: Option<File>) -> Result<()> {
     Ok(())
 }
 

Original file line number	Diff line number	Diff line change
`@@ -209,7 +209,7 @@ fn run(command: Command) -> Result<i32> {`
`209`	`209`	`}`
`210`	`210`	`};`
`211`	`211`
`212`		`- daemonize()?;`
	`212`	`+ daemonize(None)?;`
`213`	`213`	`let scheduler = Scheduler::new();`
`214`	`214`	`let http_scheduler = dist::http::Scheduler::new(`
`215`	`215`	`public_addr,`