From b4e651f12f90021c7f92f7b31999315206121eb3 Mon Sep 17 00:00:00 2001 From: William Lallemand Date: Wed, 5 Apr 2023 15:50:57 +0200 Subject: [PATCH] BUG/MINOR: mworker: unset more internal variables from program section People who use HAProxy as a process 1 in containers sometimes starts other things from the program section. This is still not recommend as the master process has minimal features regarding process management. Environment variables are still inherited, even internal ones. Since 2.7, it could provoke a crash when inheriting the HAPROXY_STARTUPLOGS_FD variable. Note: for future releases it should be better to clean the env and sets a list of variable to be exported. We need to determine which variables are used by users before. Must be backported in 2.7. --- src/mworker-prog.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/mworker-prog.c b/src/mworker-prog.c index 75cfc4255..502c54991 100644 --- a/src/mworker-prog.c +++ b/src/mworker-prog.c @@ -114,6 +114,9 @@ int mworker_ext_launch_all() /* This one must not be exported, it's internal! */ unsetenv("HAPROXY_MWORKER_REEXEC"); + unsetenv("HAPROXY_STARTUPLOGS_FD"); + unsetenv("HAPROXY_MWORKER_WAIT_ONLY"); + unsetenv("HAPROXY_PROCESSES"); execvp(child->command[0], child->command); ha_alert("Cannot execute %s: %s\n", child->command[0], strerror(errno));