From a8f2b818d15dcd4d2da51f96f9bb5f4568adb455 Mon Sep 17 00:00:00 2001
From: Jim Ma <majinjing3@gmail.com>
Date: Mon, 5 Jul 2021 09:25:36 +0800
Subject: [PATCH] fix: close net namespace fd (#418)

Signed-off-by: Jim Ma <majinjing3@gmail.com>
---
 client/daemon/peerhost_linux.go | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/client/daemon/peerhost_linux.go b/client/daemon/peerhost_linux.go
index 5978ae5a5..6848a2b3e 100644
--- a/client/daemon/peerhost_linux.go
+++ b/client/daemon/peerhost_linux.go
@@ -31,6 +31,7 @@ func switchNetNamespace(target string) (func() error, error) {
 	if err != nil {
 		return nil, err
 	}
+	defer unix.Close(fd)
 
 	orgNS := fmt.Sprintf("/proc/%d/ns/net", os.Getpid())
 	// hold the original net namespace
@@ -46,7 +47,16 @@ func switchNetNamespace(target string) (func() error, error) {
 	}
 
 	return func() error {
+		if err := unix.Setns(orgFD, unix.CLONE_NEWNET); err != nil {
+			logger.Errorf("recover net namespace, from %s to %s, error: %s", target, orgNS, err)
+			return err
+		}
 		logger.Infof("recover net namespace, from %s to %s", target, orgNS)
-		return unix.Setns(orgFD, unix.CLONE_NEWNET)
+		if err := unix.Close(orgFD); err != nil {
+			logger.Errorf("recover net namespace, close fd error: %s", err)
+			return err
+		}
+		logger.Infof("recover net namespace, close original fd")
+		return nil
 	}, nil
 }