From 27e67748d41420642e01edf77d6075f6f6ebffcd Mon Sep 17 00:00:00 2001
From: Colin <colin@uninsane.org>
Date: Thu, 19 Dec 2024 07:53:33 +0000
Subject: [PATCH] bunpen: pasta: never outlive the parent bunpen lifetime

---
 pkgs/by-name/bunpen/restrict/ns/pasta.ha | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/pkgs/by-name/bunpen/restrict/ns/pasta.ha b/pkgs/by-name/bunpen/restrict/ns/pasta.ha
index f0fd5c420..4bdfefb62 100644
--- a/pkgs/by-name/bunpen/restrict/ns/pasta.ha
+++ b/pkgs/by-name/bunpen/restrict/ns/pasta.ha
@@ -30,7 +30,7 @@ fn setup_pasta(net: restrict::net_subset) void = {
 
   let (pipe_parent_rd, pipe_child_wr) = unix::pipe()!;
   log::printfln("[namespace/pasta]: forking: parent will launch pasta while child will exec user code");
-  match (os::exec::fork()) {
+  match (fork_and_die_with_parent()) {
     case let child_pid: os::exec::process =>
       io::close(pipe_child_wr)!;
 
@@ -58,14 +58,14 @@ fn setup_pasta(net: restrict::net_subset) void = {
       // though pasta hasn't created the device.
       io::close(pipe_child_wr)!;
 
-    case let e: os::exec::error =>
+    case let e: (os::exec::error | rt::errno) =>
       errors::ext::check("setup_pasta: fork", e);
   };
 };
 
 // spawn pasta as a separate process, and have it attach to the netns of the given pid.
 fn attach_pasta(net: restrict::net_subset, child: os::exec::process) (void | os::exec::error | rt::errno) = {
-  return match (os::exec::fork()?) {
+  return match (fork_and_die_with_parent()?) {
     case let pasta_pid: os::exec::process => yield void;
     case void =>
       // pasta needs permissions to create a device in the netns (it apparently