service: use LISTEN_FDS

if LISTEN_FDS is specified by systemd, we need to use the first fd after the std files (so fd=3) to read from the activation socket instead of manually opening the UNIX socket. [NO TESTS NEEDED] Closes: containers#9251 Signed-off-by: Giuseppe Scrivano <[email protected]>
jmguzik · Apr 26, 2021 · 69b740f · 69b740f
1 parent 6b7aeaa
commit 69b740f
Showing 1 changed file with 21 additions and 9 deletions.
diff --git a/cmd/podman/system/service_abi.go b/cmd/podman/system/service_abi.go
@@ -24,16 +24,28 @@ func restService(opts entities.ServiceOptions, flags *pflag.FlagSet, cfg *entiti
 	)
 
 	if opts.URI != "" {
-		fields := strings.Split(opts.URI, ":")
-		if len(fields) == 1 {
-			return errors.Errorf("%s is an invalid socket destination", opts.URI)
+		if os.Getenv("LISTEN_FDS") != "" {
+			// If it is activated by systemd, use the first LISTEN_FD (3)
+			// instead of opening the socket file.
+			f := os.NewFile(uintptr(3), "podman.sock")
+			l, err := net.FileListener(f)
+			if err != nil {
+				return err
+			}
+			listener = &l
+		} else {
+			fields := strings.Split(opts.URI, ":")
+			if len(fields) == 1 {
+				return errors.Errorf("%s is an invalid socket destination", opts.URI)
+			}
+			network := fields[0]
+			address := strings.Join(fields[1:], ":")
+			l, err := net.Listen(network, address)
+			if err != nil {
+				return errors.Wrapf(err, "unable to create socket")
+			}
+			listener = &l
 		}
-		address := strings.Join(fields[1:], ":")
-		l, err := net.Listen(fields[0], address)
-		if err != nil {
-			return errors.Wrapf(err, "unable to create socket")
-		}
-		listener = &l
 	}
 
 	// Close stdin, so shortnames will not prompt