podman: new option --preserve-fd

add a new option --preserve-fd that allows to specify a list of FDs to pass down to the container. It is similar to --preserve-fds but it allows to specify a list of FDs instead of the maximum FD number to preserve. --preserve-fd and --preserve-fds are mutually exclusive. It requires crun since runc would complain if any fd below --preserve-fds is not preserved. Closes: https://github.com/containers/podman/issues/20844 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2025-10-15 02:06:42 +08:00 · 2023-12-01 11:49:29 +01:00
parent 6b9221d852
commit 01d397a658
19 changed files with 172 additions and 23 deletions
--- a/pkg/specgenutil/specgen.go
+++ b/pkg/specgenutil/specgen.go
@ -838,9 +838,17 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *entities.ContainerCreateOptions
 	if len(s.Name) == 0 || len(c.Name) != 0 {
 		s.Name = c.Name
 	}
+
+	if c.PreserveFDs != 0 && c.PreserveFD != nil {
+		return errors.New("cannot specify both --preserve-fds and --preserve-fd")
+	}
+
 	if s.PreserveFDs == 0 || c.PreserveFDs != 0 {
 		s.PreserveFDs = c.PreserveFDs
 	}
+	if s.PreserveFD == nil || c.PreserveFD != nil {
+		s.PreserveFD = c.PreserveFD
+	}

 	if s.OOMScoreAdj == nil || c.OOMScoreAdj != nil {
 		s.OOMScoreAdj = c.OOMScoreAdj