From 9a13e2dd27e036bb694b41a9b691382c61a51f89 Mon Sep 17 00:00:00 2001
From: ningmingxiao <ning.mingxiao@zte.com.cn>
Date: Mon, 16 Sep 2024 21:24:55 +0800
Subject: [PATCH] fix fd doesn't close in time

Signed-off-by: ningmingxiao <ning.mingxiao@zte.com.cn>
---
 libcontainer/standard_init_linux.go | 1 +
 1 file changed, 1 insertion(+)

diff --git a/libcontainer/standard_init_linux.go b/libcontainer/standard_init_linux.go
index ec2e814370a..bfdfe290881 100644
--- a/libcontainer/standard_init_linux.go
+++ b/libcontainer/standard_init_linux.go
@@ -260,6 +260,7 @@ func (l *linuxStandardInit) Init() error {
 		return &os.PathError{Op: "write exec fifo", Path: fifoPath, Err: err}
 	}
 
+	_ = unix.Close(fd)
 	// Close the O_PATH fifofd fd before exec because the kernel resets
 	// dumpable in the wrong order. This has been fixed in newer kernels, but
 	// we keep this to ensure CVE-2016-9962 doesn't re-emerge on older kernels.