This was ok'd by millert@
anyone else want to ok and commit?
On Sun, Jan 20, 2013 at 05:23:00PM -0500, David Hill wrote:
>Use FD_CLOEXEC instead of 1.
>
>Change one instance in libutil to use O_CLOEXEC instead of a fcntl right
>after.
>
>Index: bin/systrace/openbsd-syscalls.c
>===================================================================
>RCS file: /cvs/src/bin/systrace/openbsd-syscalls.c,v
>retrieving revision 1.41
>diff -N -u -p bin/systrace/openbsd-syscalls.c
>--- bin/systrace/openbsd-syscalls.c 18 Sep 2011 23:24:14 -0000 1.41
>+++ bin/systrace/openbsd-syscalls.c 20 Jan 2013 22:15:09 -0000
>@@ -166,7 +166,7 @@ obsd_open(void)
> goto out;
> }
>
>- if (fcntl(cfd, F_SETFD, 1) == -1)
>+ if (fcntl(cfd, F_SETFD, FD_CLOEXEC) == -1)
> warn("fcntl(F_SETFD)");
>
> out:
>Index: lib/libc/db/btree/bt_open.c
>===================================================================
>RCS file: /cvs/src/lib/libc/db/btree/bt_open.c,v
>retrieving revision 1.14
>diff -N -u -p lib/libc/db/btree/bt_open.c
>--- lib/libc/db/btree/bt_open.c 17 Sep 2007 07:07:23 -0000 1.14
>+++ lib/libc/db/btree/bt_open.c 20 Jan 2013 22:15:09 -0000
>@@ -204,7 +204,7 @@ __bt_open(const char *fname, int flags, int mode, cons
> F_SET(t, B_INMEM);
> }
>
>- if (fcntl(t->bt_fd, F_SETFD, 1) == -1)
>+ if (fcntl(t->bt_fd, F_SETFD, FD_CLOEXEC) == -1)
> goto err;
>
> if (fstat(t->bt_fd, &sb))
>Index: lib/libc/db/hash/hash.c
>===================================================================
>RCS file: /cvs/src/lib/libc/db/hash/hash.c,v
>retrieving revision 1.23
>diff -N -u -p lib/libc/db/hash/hash.c
>--- lib/libc/db/hash/hash.c 2 Jul 2010 16:46:28 -0000 1.23
>+++ lib/libc/db/hash/hash.c 20 Jan 2013 22:15:10 -0000
>@@ -117,7 +117,7 @@ __hash_open(const char *file, int flags, int mode,
> if (file) {
> if ((hashp->fp = open(file, flags, mode)) == -1)
> RETURN_ERROR(errno, error0);
>- (void)fcntl(hashp->fp, F_SETFD, 1);
>+ (void)fcntl(hashp->fp, F_SETFD, FD_CLOEXEC);
> new_table = fstat(hashp->fp, &statbuf) == 0 &&
> statbuf.st_size == 0 && (flags & O_ACCMODE) != O_RDONLY;
> } else
>Index: lib/libc/db/hash/hash_page.c
>===================================================================
>RCS file: /cvs/src/lib/libc/db/hash/hash_page.c,v
>retrieving revision 1.19
>diff -N -u -p lib/libc/db/hash/hash_page.c
>--- lib/libc/db/hash/hash_page.c 11 May 2008 22:21:25 -0000 1.19
>+++ lib/libc/db/hash/hash_page.c 20 Jan 2013 22:15:10 -0000
>@@ -858,7 +858,7 @@ open_temp(HTAB *hashp)
> (void)sigprocmask(SIG_BLOCK, &set, &oset);
> if ((hashp->fp = mkstemp(path)) != -1) {
> (void)unlink(path);
>- (void)fcntl(hashp->fp, F_SETFD, 1);
>+ (void)fcntl(hashp->fp, F_SETFD, FD_CLOEXEC);
> }
> (void)sigprocmask(SIG_SETMASK, &oset, (sigset_t *)NULL);
> return (hashp->fp != -1 ? 0 : -1);
>Index: lib/libc/gen/syslog_r.c
>===================================================================
>RCS file: /cvs/src/lib/libc/gen/syslog_r.c,v
>retrieving revision 1.3
>diff -N -u -p lib/libc/gen/syslog_r.c
>--- lib/libc/gen/syslog_r.c 30 May 2011 18:48:33 -0000 1.3
>+++ lib/libc/gen/syslog_r.c 20 Jan 2013 22:15:10 -0000
>@@ -279,7 +279,7 @@ connectlog_r(struct syslog_data *data)
> if (data->log_file == -1) {
> if ((data->log_file = socket(AF_UNIX, SOCK_DGRAM, 0)) == -1)
> return;
>- (void)fcntl(data->log_file, F_SETFD, 1);
>+ (void)fcntl(data->log_file, F_SETFD, FD_CLOEXEC);
> }
> if (data->log_file != -1 && !data->connected) {
> memset(&SyslogAddr, '\0', sizeof(SyslogAddr));
>Index: lib/libc/yp/yp_bind.c
>===================================================================
>RCS file: /cvs/src/lib/libc/yp/yp_bind.c,v
>retrieving revision 1.17
>diff -N -u -p lib/libc/yp/yp_bind.c
>--- lib/libc/yp/yp_bind.c 5 Jun 2009 17:19:00 -0000 1.17
>+++ lib/libc/yp/yp_bind.c 20 Jan 2013 22:15:10 -0000
>@@ -242,7 +242,7 @@ gotdata:
> ysd->dom_vers = -1;
> goto again;
> }
>- if (fcntl(ysd->dom_socket, F_SETFD, 1) == -1)
>+ if (fcntl(ysd->dom_socket, F_SETFD, FD_CLOEXEC) == -1)
> perror("fcntl: F_SETFD");
>
> if (new) {
>Index: lib/libevent/signal.c
>===================================================================
>RCS file: /cvs/src/lib/libevent/signal.c,v
>retrieving revision 1.15
>diff -N -u -p lib/libevent/signal.c
>--- lib/libevent/signal.c 12 Jul 2010 18:03:38 -0000 1.15
>+++ lib/libevent/signal.c 20 Jan 2013 22:15:10 -0000
>@@ -85,7 +85,7 @@ evsignal_cb(int fd, short what, void *arg)
>
> #ifdef HAVE_SETFD
> #define FD_CLOSEONEXEC(x) do { \
>- if (fcntl(x, F_SETFD, 1) == -1) \
>+ if (fcntl(x, F_SETFD, FD_CLOEXEC) == -1) \
> event_warn("fcntl(%d, F_SETFD)", x); \
> } while (0)
> #else
>Index: lib/libutil/check_expire.c
>===================================================================
>RCS file: /cvs/src/lib/libutil/check_expire.c,v
>retrieving revision 1.8
>diff -N -u -p lib/libutil/check_expire.c
>--- lib/libutil/check_expire.c 20 Apr 2004 23:21:23 -0000 1.8
>+++ lib/libutil/check_expire.c 20 Jan 2013 22:15:11 -0000
>@@ -173,8 +173,8 @@ pwd_update(const struct passwd *pwd, const struct pass
> return("can't open passwd temp file");
> }
>
>- pfd = open(_PATH_MASTERPASSWD, O_RDONLY, 0);
>- if (pfd < 0 || fcntl(pfd, F_SETFD, 1) == -1) {
>+ pfd = open(_PATH_MASTERPASSWD, O_RDONLY | O_CLOEXEC, 0);
>+ if (pfd < 0) {
> pw_abort();
> return(strerror(errno));
> }
>Index: lib/libutil/passwd.c
>===================================================================
>RCS file: /cvs/src/lib/libutil/passwd.c,v
>retrieving revision 1.49
>diff -N -u -p lib/libutil/passwd.c
>--- lib/libutil/passwd.c 20 Dec 2006 23:07:36 -0000 1.49
>+++ lib/libutil/passwd.c 20 Jan 2013 22:15:11 -0000
>@@ -107,7 +107,7 @@ pw_lock(int retries)
> fd = open(pw_lck, O_WRONLY|O_CREAT|O_EXCL, 0600);
> }
> save_errno = errno;
>- if (fd != -1 && fcntl(fd, F_SETFD, 1) == -1) {
>+ if (fd != -1 && fcntl(fd, F_SETFD, FD_CLOEXEC) == -1) {
> close(fd);
> fd = -1;
> }
>Index: usr.bin/mail/lex.c
>===================================================================
>RCS file: /cvs/src/usr.bin/mail/lex.c,v
>retrieving revision 1.34
>diff -N -u -p usr.bin/mail/lex.c
>--- usr.bin/mail/lex.c 6 Apr 2011 11:36:26 -0000 1.34
>+++ usr.bin/mail/lex.c 20 Jan 2013 22:15:12 -0000
>@@ -129,10 +129,10 @@ setfile(char *name)
> if ((fd = mkstemp(tempname)) == -1 ||
> (otf = fdopen(fd, "w")) == NULL)
> err(1, "%s", tempname);
>- (void)fcntl(fileno(otf), F_SETFD, 1);
>+ (void)fcntl(fileno(otf), F_SETFD, FD_CLOEXEC);
> if ((itf = fopen(tempname, "r")) == NULL)
> err(1, "%s", tempname);
>- (void)fcntl(fileno(itf), F_SETFD, 1);
>+ (void)fcntl(fileno(itf), F_SETFD, FD_CLOEXEC);
> (void)rm(tempname);
> setptr(ibuf, (off_t)0);
> setmsize(msgCount);
>Index: usr.bin/mail/names.c
>===================================================================
>RCS file: /cvs/src/usr.bin/mail/names.c,v
>retrieving revision 1.18
>diff -N -u -p usr.bin/mail/names.c
>--- usr.bin/mail/names.c 27 Oct 2009 23:59:40 -0000 1.18
>+++ usr.bin/mail/names.c 20 Jan 2013 22:15:12 -0000
>@@ -248,7 +248,7 @@ outof(struct name *names, FILE *fo, struct header *hp)
> (void)Fclose(fout);
> goto cant;
> }
>- (void)fcntl(image, F_SETFD, 1);
>+ (void)fcntl(image, F_SETFD, FD_CLOEXEC);
> fprintf(fout, "From %s %s", myname, date);
> puthead(hp, fout, GTO|GSUBJECT|GCC|GNL);
> while ((c = getc(fo)) != EOF)
>Index: usr.bin/mail/popen.c
>===================================================================
>RCS file: /cvs/src/usr.bin/mail/popen.c,v
>retrieving revision 1.35
>diff -N -u -p usr.bin/mail/popen.c
>--- usr.bin/mail/popen.c 27 Oct 2009 23:59:40 -0000 1.35
>+++ usr.bin/mail/popen.c 20 Jan 2013 22:15:12 -0000
>@@ -69,7 +69,7 @@ Fopen(char *file, char *mode)
>
> if ((fp = fopen(file, mode)) != NULL) {
> register_file(fp, 0, 0);
>- (void)fcntl(fileno(fp), F_SETFD, 1);
>+ (void)fcntl(fileno(fp), F_SETFD, FD_CLOEXEC);
> }
> return(fp);
> }
>@@ -81,7 +81,7 @@ Fdopen(int fd, char *mode)
>
> if ((fp = fdopen(fd, mode)) != NULL) {
> register_file(fp, 0, 0);
>- (void)fcntl(fileno(fp), F_SETFD, 1);
>+ (void)fcntl(fileno(fp), F_SETFD, FD_CLOEXEC);
> }
> return(fp);
> }
>@@ -105,8 +105,8 @@ Popen(char *cmd, char *mode)
>
> if (pipe(p) < 0)
> return(NULL);
>- (void)fcntl(p[READ], F_SETFD, 1);
>- (void)fcntl(p[WRITE], F_SETFD, 1);
>+ (void)fcntl(p[READ], F_SETFD, FD_CLOEXEC);
>+ (void)fcntl(p[WRITE], F_SETFD, FD_CLOEXEC);
> if (*mode == 'r') {
> myside = p[READ];
> hisside = fd0 = fd1 = p[WRITE];
>Index: usr.bin/nc/netcat.c
>===================================================================
>RCS file: /cvs/src/usr.bin/nc/netcat.c,v
>retrieving revision 1.109
>diff -N -u -p usr.bin/nc/netcat.c
>--- usr.bin/nc/netcat.c 7 Jul 2012 15:33:02 -0000 1.109
>+++ usr.bin/nc/netcat.c 20 Jan 2013 22:15:12 -0000
>@@ -518,7 +518,7 @@ unix_connect(char *path)
> if ((s = socket(AF_UNIX, SOCK_STREAM, 0)) < 0)
> return (-1);
> }
>- (void)fcntl(s, F_SETFD, 1);
>+ (void)fcntl(s, F_SETFD, FD_CLOEXEC);
>
> memset(&sun, 0, sizeof(struct sockaddr_un));
> sun.sun_family = AF_UNIX;
>Index: usr.bin/sudo/sudo.c
>===================================================================
>RCS file: /cvs/src/usr.bin/sudo/sudo.c,v
>retrieving revision 1.43
>diff -N -u -p usr.bin/sudo/sudo.c
>--- usr.bin/sudo/sudo.c 8 Jul 2010 21:11:31 -0000 1.43
>+++ usr.bin/sudo/sudo.c 20 Jan 2013 22:15:13 -0000
>@@ -1151,7 +1151,7 @@ open_sudoers(sudoers, doedit, keepopen)
>
> if (fp != NULL) {
> rewind(fp);
>- (void) fcntl(fileno(fp), F_SETFD, 1);
>+ (void) fcntl(fileno(fp), F_SETFD, FD_CLOEXEC);
> }
>
> set_perms(PERM_ROOT); /* change back to root */
>Index: usr.bin/vi/common/exf.c
>===================================================================
>RCS file: /cvs/src/usr.bin/vi/common/exf.c,v
>retrieving revision 1.26
>diff -N -u -p usr.bin/vi/common/exf.c
>--- usr.bin/vi/common/exf.c 10 Jul 2011 13:20:25 -0000 1.26
>+++ usr.bin/vi/common/exf.c 20 Jan 2013 22:15:13 -0000
>@@ -1457,7 +1457,7 @@ file_lock(sp, name, fdp, fd, iswrite)
> return (LOCK_SUCCESS);
>
> /* Set close-on-exec flag so locks are not inherited by shell cmd. */
>- if (fcntl(fd, F_SETFD, 1) == -1)
>+ if (fcntl(fd, F_SETFD, FD_CLOEXEC) == -1)
> msgq_str(sp, M_SYSERR, name, "%s");
>
> #ifdef HAVE_LOCK_FLOCK /* Hurrah! We've got flock(2).
> */
>Index: usr.sbin/apmd/apmd.c
>===================================================================
>RCS file: /cvs/src/usr.sbin/apmd/apmd.c,v
>retrieving revision 1.58
>diff -N -u -p usr.sbin/apmd/apmd.c
>--- usr.sbin/apmd/apmd.c 26 Mar 2012 20:17:45 -0000 1.58
>+++ usr.sbin/apmd/apmd.c 20 Jan 2013 22:15:13 -0000
>@@ -594,12 +594,12 @@ main(int argc, char *argv[])
> if ((ctl_fd = open(fname, O_RDWR)) == -1) {
> if (errno != ENXIO && errno != ENOENT)
> error("cannot open device file `%s'", fname);
>- } else if (fcntl(ctl_fd, F_SETFD, 1) == -1)
>+ } else if (fcntl(ctl_fd, F_SETFD, FD_CLOEXEC) == -1)
> error("cannot set close-on-exec for `%s'", fname);
>
> sock_fd = bind_socket(sockname);
>
>- if (fcntl(sock_fd, F_SETFD, 1) == -1)
>+ if (fcntl(sock_fd, F_SETFD, FD_CLOEXEC) == -1)
> error("cannot set close-on-exec for the socket", NULL);
>
> power_status(ctl_fd, 1, &pinfo);
>Index: usr.sbin/ppp/ppp/chap.c
>===================================================================
>RCS file: /cvs/src/usr.sbin/ppp/ppp/chap.c,v
>retrieving revision 1.41
>diff -N -u -p usr.sbin/ppp/ppp/chap.c
>--- usr.sbin/ppp/ppp/chap.c 9 Jul 2005 01:45:08 -0000 1.41
>+++ usr.sbin/ppp/ppp/chap.c 20 Jan 2013 22:15:14 -0000
>@@ -312,7 +312,7 @@ chap_StartChild(struct chap *chap, char *prog, const c
> }
> /* XXX using an fwalk()-like thing would be safer */
> for (fd = getdtablesize(); fd > STDERR_FILENO; fd--)
>- fcntl(fd, F_SETFD, 1);
>+ fcntl(fd, F_SETFD, FD_CLOEXEC);
> #ifndef NOSUID
> setuid(ID0realuid());
> #endif
>Index: usr.sbin/ppp/ppp/chat.c
>===================================================================
>RCS file: /cvs/src/usr.sbin/ppp/ppp/chat.c,v
>retrieving revision 1.21
>diff -N -u -p usr.sbin/ppp/ppp/chat.c
>--- usr.sbin/ppp/ppp/chat.c 6 Jul 2005 13:56:00 -0000 1.21
>+++ usr.sbin/ppp/ppp/chat.c 20 Jan 2013 22:15:14 -0000
>@@ -739,7 +739,7 @@ ExecStr(struct physical *physical, char *command, char
> if (open(_PATH_TTY, O_RDWR) != 3)
> open(_PATH_DEVNULL, O_RDWR); /* Leave it closed if it fails... */
> for (i = getdtablesize(); i > 3; i--)
>- fcntl(i, F_SETFD, 1);
>+ fcntl(i, F_SETFD, FD_CLOEXEC);
> #ifndef NOSUID
> setuid(ID0realuid());
> #endif
>Index: usr.sbin/ppp/ppp/command.c
>===================================================================
>RCS file: /cvs/src/usr.sbin/ppp/ppp/command.c,v
>retrieving revision 1.92
>diff -N -u -p usr.sbin/ppp/ppp/command.c
>--- usr.sbin/ppp/ppp/command.c 2 Mar 2008 18:46:32 -0000 1.92
>+++ usr.sbin/ppp/ppp/command.c 20 Jan 2013 22:15:15 -0000
>@@ -663,7 +663,7 @@ ShellCommand(struct cmdargs const *arg, int bg)
> dup2(fd, STDERR_FILENO);
> /* fwalk */
> for (i = getdtablesize(); i > STDERR_FILENO; i--)
>- fcntl(i, F_SETFD, 1);
>+ fcntl(i, F_SETFD, FD_CLOEXEC);
>
> #ifndef NOSUID
> setuid(ID0realuid());
>Index: usr.sbin/ppp/ppp/exec.c
>===================================================================
>RCS file: /cvs/src/usr.sbin/ppp/ppp/exec.c,v
>retrieving revision 1.18
>diff -N -u -p usr.sbin/ppp/ppp/exec.c
>--- usr.sbin/ppp/ppp/exec.c 16 May 2002 01:13:39 -0000 1.18
>+++ usr.sbin/ppp/ppp/exec.c 20 Jan 2013 22:15:15 -0000
>@@ -178,7 +178,7 @@ exec_Create(struct physical *p)
> dup2(fids[1], STDOUT_FILENO);
> dup2(fids[1], STDERR_FILENO);
> for (i = getdtablesize(); i > STDERR_FILENO; i--)
>- fcntl(i, F_SETFD, 1);
>+ fcntl(i, F_SETFD, FD_CLOEXEC);
>
> execvp(*argv, argv);
> child_status = errno; /* Only works for vfork() */
>
