Skip to content

Commit 2d74279

Browse files
committed
Mark nix::unistd::daemon unsafe and document why.
Fixes: #2663 Signed-off-by: Ben Pfaff <[email protected]>
1 parent 09d66fe commit 2d74279

File tree

2 files changed

+13
-1
lines changed

2 files changed

+13
-1
lines changed

changelog/2664.changed.md

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,2 @@
1+
Changed `nix::unistd::daemon` to be `unsafe`. The documentation for
2+
the function explains why.

src/unistd.rs

Lines changed: 11 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1262,13 +1262,23 @@ pub fn execveat<Fd: std::os::fd::AsFd, SA: AsRef<CStr>, SE: AsRef<CStr>>(
12621262
/// descriptors will remain identical after daemonizing.
12631263
/// * `noclose = false`: The process' stdin, stdout, and stderr will point to
12641264
/// `/dev/null` after daemonizing.
1265+
///
1266+
/// # Safety
1267+
///
1268+
/// Running in the child process of a fork is unsafe, with issues that are
1269+
/// specially pronounced for multithreaded processes. The documentation for
1270+
/// [CommandExt::pre_exec] discusses some of these issues, and [`rust-lang`
1271+
/// issue 39575] has a few further examples.
1272+
///
1273+
/// [CommandExt::pre_exec]: std::os::unix::process::CommandExt::pre_exec
1274+
/// [`rust-lang` issue 39575]: https://github.com/rust-lang/rust/issues/39575
12651275
#[cfg(any(
12661276
linux_android,
12671277
freebsdlike,
12681278
solarish,
12691279
netbsdlike
12701280
))]
1271-
pub fn daemon(nochdir: bool, noclose: bool) -> Result<()> {
1281+
pub unsafe fn daemon(nochdir: bool, noclose: bool) -> Result<()> {
12721282
let res = unsafe { libc::daemon(nochdir as c_int, noclose as c_int) };
12731283
Errno::result(res).map(drop)
12741284
}

0 commit comments

Comments
 (0)