Update close fd issues for lxc

Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@docker.com> (github: crosbymichael)

daemon/execdriver/lxc/driver.go

@@ -19,7 +19,6 @@ import (
 	"github.com/docker/libcontainer/label"
 	"github.com/docker/libcontainer/mount/nodes"
 	"github.com/dotcloud/docker/daemon/execdriver"
-	"github.com/dotcloud/docker/pkg/system"
 	"github.com/dotcloud/docker/utils"
 )
 
@@ -37,12 +36,6 @@ func init() {
 		if err := setupNetworking(args); err != nil {
 			return err
 		}
-		if err := setupWorkingDirectory(args); err != nil {
-			return err
-		}
-		if err := system.CloseFdsFrom(3); err != nil {
-			return err
-		}
 		if err := finalizeNamespace(args); err != nil {
 			return err
 		}

daemon/execdriver/lxc/lxc_init_linux.go

@@ -8,6 +8,7 @@ import (
 
 	"github.com/docker/libcontainer/namespaces"
 	"github.com/docker/libcontainer/security/capabilities"
+	"github.com/docker/libcontainer/utils"
 	"github.com/dotcloud/docker/daemon/execdriver"
 	"github.com/dotcloud/docker/daemon/execdriver/native/template"
 	"github.com/dotcloud/docker/pkg/system"
@@ -18,6 +19,10 @@ func setHostname(hostname string) error {
 }
 
 func finalizeNamespace(args *execdriver.InitArgs) error {
+	if err := utils.CloseExecFrom(3); err != nil {
+		return err
+	}
+
 	// We use the native drivers default template so that things like caps are consistent
 	// across both drivers
 	container := template.New()
@@ -49,5 +54,9 @@ func finalizeNamespace(args *execdriver.InitArgs) error {
 		}
 	}
 
+	if err := setupWorkingDirectory(args); err != nil {
+		return err
+	}
+
 	return nil
 }