inetd-style socket passing traditionally starts a service with a connected socket on file descriptors 0 and 1. passt disallowing obtaining its socket from either of these descriptors made it difficult to use with super-servers providing this interface — in my case I wanted to use passt with s6-ipcserver[1]. Since (as far as I can tell) passt does not use standard input for anything else (unlike standard output), it should be safe to relax the restrictions on --fd to allow setting it to 0, enabling this use case. Link: https://skarnet.org/software/s6/s6-ipcserver.html [1] Signed-off-by: Alyssa Ross --- conf.c | 3 ++- util.c | 4 +++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/conf.c b/conf.c index f942851..a6d7e22 100644 --- a/conf.c +++ b/conf.c @@ -1717,7 +1717,8 @@ void conf(struct ctx *c, int argc, char **argv) fd_tap_opt = strtol(optarg, NULL, 0); if (errno || - fd_tap_opt <= STDERR_FILENO || fd_tap_opt > INT_MAX) + (fd_tap_opt != STDIN_FILENO && fd_tap_opt <= STDERR_FILENO) || + fd_tap_opt > INT_MAX) die("Invalid --fd: %s", optarg); c->fd_tap = fd_tap_opt; diff --git a/util.c b/util.c index 62a6003..f5497d4 100644 --- a/util.c +++ b/util.c @@ -875,7 +875,9 @@ void close_open_files(int argc, char **argv) errno = 0; fd = strtol(optarg, NULL, 0); - if (errno || fd <= STDERR_FILENO || fd > INT_MAX) + if (errno || + (fd != STDIN_FILENO && fd <= STDERR_FILENO) || + fd > INT_MAX) die("Invalid --fd: %s", optarg); } } while (name != -1); base-commit: 436afc30447c6f0ce516f2b38c769833114bb5f8 -- 2.47.2