Open smira opened 1 month ago
Should we maybe consider adding a rule to golangci-lint to check for syscalls without cloexec to avoid problematic code being merged later?
Should we maybe consider adding a rule to golangci-lint to check for syscalls without cloexec to avoid problematic code being merged later?
I would rather prefer a test, but not sure how to put #9414 into a useful thing, as we need to fork directly from machined to verify this. System extensions don't work, I don't want to put test binary into any Talos build. I could use some debug feature as well to enable this test controller
Will take a look a bit later, maybe I have some ideas about this
Update: the problem itself is fixed, but the issue is left open to track upstream PRs.
https://github.com/vishvananda/netlink/pull/1023 can go away if #9566 is merged
tl;dr is missing
O_CLOEXEC
in some libraries we're using