1 autofs-5.0.4 - use CLOEXEC flag
3 From: Ian Kent <raven@themaw.net>
5 Update autofs to use the new CLOEXEC flag if present.
6 This allows us to set close on exec atomically flag when opening files,
7 hopefully avoiding selinux complaining about leaked file handles.
11 daemon/automount.c | 42 ++++--------------
14 daemon/indirect.c | 2 -
17 daemon/spawn.c | 11 +----
18 include/automount.h | 106 +++++++++++++++++++++++++++++++++++++++++++++
21 lib/defaults.c | 7 ++-
22 lib/dev-ioctl-lib.c | 17 +------
26 lib/nss_parse.y | 13 +-----
28 lib/rpc_subs.c | 21 ++-------
29 modules/cyrus-sasl.c | 1
30 modules/lookup_file.c | 40 +++--------------
31 modules/lookup_hesiod.c | 1
32 modules/lookup_hosts.c | 1
33 modules/lookup_ldap.c | 1
34 modules/lookup_multi.c | 1
35 modules/lookup_nisplus.c | 1
36 modules/lookup_program.c | 5 +-
37 modules/lookup_userhome.c | 1
38 modules/lookup_yp.c | 1
39 modules/mount_afs.c | 2 -
40 modules/mount_autofs.c | 2 -
41 modules/mount_bind.c | 2 -
42 modules/mount_changer.c | 10 ----
43 modules/mount_ext2.c | 2 -
44 modules/mount_generic.c | 2 -
45 modules/mount_nfs.c | 2 -
46 modules/parse_hesiod.c | 1
47 modules/parse_sun.c | 2 -
48 modules/replicated.c | 13 +-----
49 39 files changed, 149 insertions(+), 184 deletions(-)
52 diff --git a/CHANGELOG b/CHANGELOG
53 index bd35b00..43f3205 100644
57 - fix dumb libxml2 check
58 - fix nested submount expire deadlock.
59 - fix negative caching for non-existent map keys.
62 4/11/2008 autofs-5.0.4
63 -----------------------
64 diff --git a/daemon/automount.c b/daemon/automount.c
65 index 6f078c1..e120f50 100644
66 --- a/daemon/automount.c
67 +++ b/daemon/automount.c
69 * ----------------------------------------------------------------------- */
79 #include <sys/ioctl.h>
81 #include <sys/types.h>
82 @@ -68,6 +66,9 @@ static pthread_t state_mach_thid;
83 /* Pre-calculated kernel packet length */
84 static size_t kpkt_len;
86 +/* Does kernel know about SOCK_CLOEXEC and friends */
87 +static int cloexec_works = 0;
89 /* Attribute to create detached thread */
90 pthread_attr_t thread_attr;
92 @@ -671,7 +672,7 @@ static char *automount_path_to_fifo(unsigned logopt, const char *path)
93 static int create_logpri_fifo(struct autofs_point *ap)
99 char buf[MAX_ERR_BUF];
101 @@ -697,7 +698,7 @@ static int create_logpri_fifo(struct autofs_point *ap)
105 - fd = open(fifo_name, O_RDWR|O_NONBLOCK);
106 + fd = open_fd(fifo_name, O_RDWR|O_NONBLOCK);
108 char *estr = strerror_r(errno, buf, MAX_ERR_BUF);
110 @@ -707,11 +708,6 @@ static int create_logpri_fifo(struct autofs_point *ap)
114 - if ((cl_flags = fcntl(fd, F_GETFD, 0)) != -1) {
115 - cl_flags |= FD_CLOEXEC;
116 - fcntl(fd, F_SETFD, cl_flags);
119 ap->logpri_fifo = fd;
122 @@ -963,7 +959,7 @@ int do_expire(struct autofs_point *ap, const char *name, int namelen)
124 static int autofs_init_ap(struct autofs_point *ap)
126 - int pipefd[2], cl_flags;
129 if ((ap->state != ST_INIT)) {
130 /* This can happen if an autofs process is already running*/
131 @@ -974,7 +970,7 @@ static int autofs_init_ap(struct autofs_point *ap)
132 ap->pipefd = ap->kpipefd = ap->ioctlfd = -1;
134 /* Pipe for kernel communications */
135 - if (pipe(pipefd) < 0) {
136 + if (open_pipe(pipefd) < 0) {
138 "failed to create commumication pipe for autofs path %s",
140 @@ -984,18 +980,8 @@ static int autofs_init_ap(struct autofs_point *ap)
141 ap->pipefd = pipefd[0];
142 ap->kpipefd = pipefd[1];
144 - if ((cl_flags = fcntl(ap->pipefd, F_GETFD, 0)) != -1) {
145 - cl_flags |= FD_CLOEXEC;
146 - fcntl(ap->pipefd, F_SETFD, cl_flags);
149 - if ((cl_flags = fcntl(ap->kpipefd, F_GETFD, 0)) != -1) {
150 - cl_flags |= FD_CLOEXEC;
151 - fcntl(ap->kpipefd, F_SETFD, cl_flags);
154 /* Pipe state changes from signal handler to main loop */
155 - if (pipe(ap->state_pipe) < 0) {
156 + if (open_pipe(ap->state_pipe) < 0) {
158 "failed create state pipe for autofs path %s", ap->path);
160 @@ -1003,16 +989,6 @@ static int autofs_init_ap(struct autofs_point *ap)
164 - if ((cl_flags = fcntl(ap->state_pipe[0], F_GETFD, 0)) != -1) {
165 - cl_flags |= FD_CLOEXEC;
166 - fcntl(ap->state_pipe[0], F_SETFD, cl_flags);
169 - if ((cl_flags = fcntl(ap->state_pipe[1], F_GETFD, 0)) != -1) {
170 - cl_flags |= FD_CLOEXEC;
171 - fcntl(ap->state_pipe[1], F_SETFD, cl_flags);
174 if (create_logpri_fifo(ap) < 0) {
175 logmsg("could not create FIFO for path %s\n", ap->path);
176 logmsg("dynamic log level changes not available for %s", ap->path);
177 @@ -1080,7 +1056,7 @@ static void become_daemon(unsigned foreground, unsigned daemon_check)
181 - if (pipe(start_pipefd) < 0) {
182 + if (open_pipe(start_pipefd) < 0) {
183 fprintf(stderr, "%s: failed to create start_pipefd.\n",
186 diff --git a/daemon/direct.c b/daemon/direct.c
187 index 98fcc07..c0243c4 100644
188 --- a/daemon/direct.c
189 +++ b/daemon/direct.c
200 #include <sys/ioctl.h>
201 #include <sys/types.h>
202 #include <sys/wait.h>
203 diff --git a/daemon/flag.c b/daemon/flag.c
204 index d8ca61b..e43cece 100644
208 #include <sys/time.h>
209 #include <sys/types.h>
210 #include <sys/stat.h>
220 +#include "automount.h"
222 #define MAX_PIDSIZE 20
223 #define FLAG_FILE AUTOFS_FLAG_DIR "/autofs-running"
225 @@ -129,7 +129,7 @@ int aquire_flag_file(void)
226 while (!we_created_flagfile) {
229 - i = open(linkf, O_WRONLY|O_CREAT, 0);
230 + i = open_fd_mode(linkf, O_WRONLY|O_CREAT, 0);
234 @@ -146,7 +146,7 @@ int aquire_flag_file(void)
238 - fd = open(FLAG_FILE, O_RDWR);
239 + fd = open_fd(FLAG_FILE, O_RDWR);
241 /* Maybe the file was just deleted? */
243 diff --git a/daemon/indirect.c b/daemon/indirect.c
244 index 1232810..9d3745c 100644
245 --- a/daemon/indirect.c
246 +++ b/daemon/indirect.c
257 #include <sys/ioctl.h>
258 #include <sys/types.h>
259 #include <sys/wait.h>
260 diff --git a/daemon/lookup.c b/daemon/lookup.c
261 index 0cf6e3f..741d846 100644
262 --- a/daemon/lookup.c
263 +++ b/daemon/lookup.c
267 #include <sys/stat.h>
269 #include "automount.h"
270 #include "nsswitch.h"
272 diff --git a/daemon/module.c b/daemon/module.c
273 index 36eca00..e593d75 100644
274 --- a/daemon/module.c
275 +++ b/daemon/module.c
276 @@ -31,7 +31,7 @@ int load_autofs4_module(void)
277 * is an older version we will catch it at mount
280 - fp = fopen("/proc/filesystems", "r");
281 + fp = open_fopen_r("/proc/filesystems");
283 logerr("cannot open /proc/filesystems\n");
285 diff --git a/daemon/spawn.c b/daemon/spawn.c
286 index 17f92f4..4ddf46f 100644
291 * ----------------------------------------------------------------------- */
299 #include <sys/types.h>
303 #include <sys/wait.h>
304 #include <sys/stat.h>
305 @@ -125,7 +123,7 @@ static int do_spawn(unsigned logopt, unsigned int wait,
306 int ret, status, pipefd[2];
307 char errbuf[ERRBUFSIZ + 1], *p, *sp;
309 - int flags, cancel_state;
311 unsigned int use_lock = options & SPAWN_OPT_LOCK;
312 unsigned int use_access = options & SPAWN_OPT_ACCESS;
313 sigset_t allsigs, tmpsig, oldsig;
314 @@ -133,7 +131,7 @@ static int do_spawn(unsigned logopt, unsigned int wait,
319 + if (open_pipe(pipefd))
322 pthread_setcancelstate(PTHREAD_CANCEL_DISABLE, &cancel_state);
323 @@ -213,11 +211,6 @@ static int do_spawn(unsigned logopt, unsigned int wait,
327 - if ((flags = fcntl(pipefd[0], F_GETFD, 0)) != -1) {
328 - flags |= FD_CLOEXEC;
329 - fcntl(pipefd[0], F_SETFD, flags);
334 errn = timed_read(pipefd[0],
335 diff --git a/include/automount.h b/include/automount.h
336 index 1ba0d3c..a55ddbc 100644
337 --- a/include/automount.h
338 +++ b/include/automount.h
348 @@ -475,5 +477,109 @@ int alarm_start_handler(void);
349 int alarm_add(struct autofs_point *ap, time_t seconds);
350 void alarm_delete(struct autofs_point *ap);
353 + * Use CLOEXEC flag for open(), pipe(), fopen() (read-only case) and
354 + * socket() if possible.
356 +static int cloexec_works;
358 +static inline void check_cloexec(int fd)
360 + if (cloexec_works == 0) {
361 + int fl = fcntl(fd, F_GETFD);
362 + cloexec_works = (fl & FD_CLOEXEC) ? 1 : -1;
364 + if (cloexec_works > 0)
366 + fcntl(fd, F_SETFD, FD_CLOEXEC);
370 +static inline int open_fd(const char *path, int flags)
374 +#if defined(O_CLOEXEC) && defined(SOCK_CLOEXEC)
375 + if (cloexec_works != -1)
376 + flags |= O_CLOEXEC;
378 + fd = open(path, flags);
385 +static inline int open_fd_mode(const char *path, int flags, int mode)
389 +#if defined(O_CLOEXEC) && defined(SOCK_CLOEXEC)
390 + if (cloexec_works != -1)
391 + flags |= O_CLOEXEC;
393 + fd = open(path, flags, mode);
400 +static inline int open_pipe(int pipefd[2])
404 +#if defined(O_CLOEXEC) && defined(SOCK_CLOEXEC) && defined(__have_pipe2)
405 + if (cloexec_works != -1) {
406 + ret = pipe2(pipefd, O_CLOEXEC);
409 + if (errno != EINVAL)
413 + ret = pipe(pipefd);
416 + check_cloexec(pipefd[0]);
417 + check_cloexec(pipefd[1]);
421 +static inline int open_sock(int domain, int type, int protocol)
426 + if (cloexec_works != -1)
427 + type |= SOCK_CLOEXEC;
429 + fd = socket(domain, type, protocol);
436 +static inline FILE *open_fopen_r(const char *path)
440 +#if defined(O_CLOEXEC) && defined(SOCK_CLOEXEC)
441 + if (cloexec_works != -1) {
442 + f = fopen(path, "re");
444 + check_cloexec(fileno(f));
449 + f = fopen(path, "r");
452 + check_cloexec(fileno(f));
458 diff --git a/include/state.h b/include/state.h
459 index d7349d9..b44a353 100644
460 --- a/include/state.h
461 +++ b/include/state.h
470 diff --git a/lib/cache.c b/lib/cache.c
471 index ce47e04..4a00367 100644
482 #include <sys/param.h>
483 #include <sys/types.h>
484 #include <sys/stat.h>
485 diff --git a/lib/defaults.c b/lib/defaults.c
486 index 21d76d2..ff653e3 100644
490 #include "defaults.h"
491 #include "lookup_ldap.h"
493 +#include "automount.h"
495 #define DEFAULTS_CONFIG_FILE AUTOFS_CONF_DIR "/autofs"
496 #define MAX_LINE_LEN 256
497 @@ -255,7 +256,7 @@ struct list_head *defaults_get_uris(void)
499 struct list_head *list;
501 - f = fopen(DEFAULTS_CONFIG_FILE, "r");
502 + f = open_fopen_r(DEFAULTS_CONFIG_FILE);
506 @@ -298,7 +299,7 @@ unsigned int defaults_read_config(unsigned int to_syslog)
507 char buf[MAX_LINE_LEN];
510 - f = fopen(DEFAULTS_CONFIG_FILE, "r");
511 + f = open_fopen_r(DEFAULTS_CONFIG_FILE);
515 @@ -544,7 +545,7 @@ struct ldap_searchdn *defaults_get_searchdns(void)
517 struct ldap_searchdn *sdn, *last;
519 - f = fopen(DEFAULTS_CONFIG_FILE, "r");
520 + f = open_fopen_r(DEFAULTS_CONFIG_FILE);
524 diff --git a/lib/dev-ioctl-lib.c b/lib/dev-ioctl-lib.c
525 index 57af785..056a0a9 100644
526 --- a/lib/dev-ioctl-lib.c
527 +++ b/lib/dev-ioctl-lib.c
528 @@ -121,17 +121,12 @@ void init_ioctl_ctl(void)
532 - devfd = open(CONTROL_DEVICE, O_RDONLY);
533 + devfd = open_fd(CONTROL_DEVICE, O_RDONLY);
535 ctl.ops = &ioctl_ops;
537 struct autofs_dev_ioctl param;
539 - int cl_flags = fcntl(devfd, F_GETFD, 0);
540 - if (cl_flags != -1) {
541 - cl_flags |= FD_CLOEXEC;
542 - fcntl(devfd, F_SETFD, cl_flags);
545 * Check compile version against kernel.
546 * Selinux may allow us to open the device but not
547 @@ -378,20 +373,14 @@ static int ioctl_open(unsigned int logopt,
548 int *ioctlfd, dev_t devid, const char *path)
551 - int save_errno, fd, cl_flags;
552 + int save_errno, fd;
556 - fd = open(path, O_RDONLY);
557 + fd = open_fd(path, O_RDONLY);
561 - cl_flags = fcntl(fd, F_GETFD, 0);
562 - if (cl_flags != -1) {
563 - cl_flags |= FD_CLOEXEC;
564 - fcntl(fd, F_SETFD, cl_flags);
567 if (fstatfs(fd, &sfs) == -1) {
570 diff --git a/lib/log.c b/lib/log.c
571 index 65e8ad2..46220fd 100644
583 diff --git a/lib/macros.c b/lib/macros.c
584 index fa6db8e..85f9cd3 100644
588 * ----------------------------------------------------------------------- */
595 diff --git a/lib/mounts.c b/lib/mounts.c
596 index 6d0a69c..ce4691b 100644
606 #include <sys/types.h>
607 #include <sys/stat.h>
608 #include <sys/ioctl.h>
610 #include <sys/mount.h>
613 diff --git a/lib/nss_parse.y b/lib/nss_parse.y
614 index fa6958a..3bda6b3 100644
615 --- a/lib/nss_parse.y
616 +++ b/lib/nss_parse.y
625 #include "automount.h"
626 @@ -164,9 +162,9 @@ static void parse_close_nsswitch(void *arg)
627 int nsswitch_parse(struct list_head *list)
630 - int fd, cl_flags, status;
633 - nsswitch = fopen(NSSWITCH_FILE, "r");
634 + nsswitch = open_fopen_r(NSSWITCH_FILE);
636 logerr("couldn't open %s\n", NSSWITCH_FILE);
638 @@ -174,13 +172,6 @@ int nsswitch_parse(struct list_head *list)
640 pthread_cleanup_push(parse_close_nsswitch, nsswitch);
642 - fd = fileno(nsswitch);
644 - if ((cl_flags = fcntl(fd, F_GETFD, 0)) != -1) {
645 - cl_flags |= FD_CLOEXEC;
646 - fcntl(fd, F_SETFD, cl_flags);
650 pthread_cleanup_push(parse_mutex_unlock, NULL);
652 diff --git a/lib/parse_subs.c b/lib/parse_subs.c
653 index 3a04dd6..8a032e8 100644
654 --- a/lib/parse_subs.c
655 +++ b/lib/parse_subs.c
661 #include "automount.h"
664 diff --git a/lib/rpc_subs.c b/lib/rpc_subs.c
665 index 6be86c6..9ac3657 100644
670 #include <rpc/pmap_prot.h>
673 #include <sys/socket.h>
676 #include <netinet/in.h>
677 #include <arpa/inet.h>
678 -#include <sys/fcntl.h>
679 #include <rpcsvc/ypclnt.h>
681 #include <sys/ioctl.h>
685 #include "rpc_subs.h"
686 +#include "automount.h"
688 /* #define STANDALONE */
690 @@ -59,7 +58,7 @@ inline void dump_core(void);
692 static CLIENT *create_udp_client(struct conn_info *info)
694 - int fd, cl_flags, ret, ghn_errno;
695 + int fd, ret, ghn_errno;
697 struct sockaddr_in laddr, raddr;
699 @@ -115,15 +114,10 @@ got_addr:
700 * layer, it would bind to a reserved port, which has been shown
701 * to exhaust the reserved port range in some situations.
703 - fd = socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP);
704 + fd = open_sock(PF_INET, SOCK_DGRAM, IPPROTO_UDP);
708 - if ((cl_flags = fcntl(fd, F_GETFD, 0)) != -1) {
709 - cl_flags |= FD_CLOEXEC;
710 - fcntl(fd, F_SETFD, cl_flags);
713 laddr.sin_family = AF_INET;
715 laddr.sin_addr.s_addr = htonl(INADDR_ANY);
716 @@ -274,7 +268,7 @@ done:
718 static CLIENT *create_tcp_client(struct conn_info *info)
720 - int fd, cl_flags, ghn_errno;
723 struct sockaddr_in addr;
725 @@ -324,15 +318,10 @@ got_addr:
726 addr.sin_port = htons(info->port);
729 - fd = socket(PF_INET, SOCK_STREAM, info->proto->p_proto);
730 + fd = open_sock(PF_INET, SOCK_STREAM, info->proto->p_proto);
734 - if ((cl_flags = fcntl(fd, F_GETFD, 0)) != -1) {
735 - cl_flags |= FD_CLOEXEC;
736 - fcntl(fd, F_SETFD, cl_flags);
739 ret = connect_nb(fd, &addr, &info->timeout);
742 diff --git a/modules/cyrus-sasl.c b/modules/cyrus-sasl.c
743 index 902d9aa..286af15 100644
744 --- a/modules/cyrus-sasl.c
745 +++ b/modules/cyrus-sasl.c
752 #include <sasl/sasl.h>
754 diff --git a/modules/lookup_file.c b/modules/lookup_file.c
755 index 9e34b72..95b9f6f 100644
756 --- a/modules/lookup_file.c
757 +++ b/modules/lookup_file.c
767 @@ -395,7 +393,7 @@ int lookup_read_master(struct master *master, time_t age, void *context)
773 unsigned int path_len, ent_len;
774 int entry, cur_state;
776 @@ -422,7 +420,7 @@ int lookup_read_master(struct master *master, time_t age, void *context)
777 return NSS_STATUS_UNAVAIL;
780 - f = fopen(ctxt->mapname, "r");
781 + f = open_fopen_r(ctxt->mapname);
784 MODPREFIX "could not open master map file %s",
785 @@ -432,11 +430,6 @@ int lookup_read_master(struct master *master, time_t age, void *context)
789 - if ((cl_flags = fcntl(fd, F_GETFD, 0)) != -1) {
790 - cl_flags |= FD_CLOEXEC;
791 - fcntl(fd, F_SETFD, cl_flags);
795 entry = read_one(logopt, f, path, &path_len, ent, &ent_len);
797 @@ -651,7 +644,7 @@ int lookup_read_map(struct autofs_point *ap, time_t age, void *context)
803 unsigned int k_len, m_len;
806 @@ -684,7 +677,7 @@ int lookup_read_map(struct autofs_point *ap, time_t age, void *context)
807 return NSS_STATUS_UNAVAIL;
810 - f = fopen(ctxt->mapname, "r");
811 + f = open_fopen_r(ctxt->mapname);
814 MODPREFIX "could not open map file %s", ctxt->mapname);
815 @@ -693,11 +686,6 @@ int lookup_read_map(struct autofs_point *ap, time_t age, void *context)
819 - if ((cl_flags = fcntl(fd, F_GETFD, 0)) != -1) {
820 - cl_flags |= FD_CLOEXEC;
821 - fcntl(fd, F_SETFD, cl_flags);
825 entry = read_one(ap->logopt, f, key, &k_len, mapent, &m_len);
827 @@ -784,7 +772,6 @@ static int lookup_one(struct autofs_point *ap,
828 char mapent[MAPENT_MAX_LEN + 1];
829 time_t age = time(NULL);
832 unsigned int k_len, m_len;
835 @@ -794,20 +781,13 @@ static int lookup_one(struct autofs_point *ap,
839 - f = fopen(ctxt->mapname, "r");
840 + f = open_fopen_r(ctxt->mapname);
843 MODPREFIX "could not open map file %s", ctxt->mapname);
849 - if ((cl_flags = fcntl(fd, F_GETFD, 0)) != -1) {
850 - cl_flags |= FD_CLOEXEC;
851 - fcntl(fd, F_SETFD, cl_flags);
855 entry = read_one(ap->logopt, f, mkey, &k_len, mapent, &m_len);
857 @@ -897,7 +877,6 @@ static int lookup_wild(struct autofs_point *ap, struct lookup_context *ctxt)
858 char mapent[MAPENT_MAX_LEN + 1];
859 time_t age = time(NULL);
862 unsigned int k_len, m_len;
865 @@ -907,20 +886,13 @@ static int lookup_wild(struct autofs_point *ap, struct lookup_context *ctxt)
869 - f = fopen(ctxt->mapname, "r");
870 + f = open_fopen_r(ctxt->mapname);
873 MODPREFIX "could not open map file %s", ctxt->mapname);
879 - if ((cl_flags = fcntl(fd, F_GETFD, 0)) != -1) {
880 - cl_flags |= FD_CLOEXEC;
881 - fcntl(fd, F_SETFD, cl_flags);
885 entry = read_one(ap->logopt, f, mkey, &k_len, mapent, &m_len);
887 diff --git a/modules/lookup_hesiod.c b/modules/lookup_hesiod.c
888 index 737a47e..0a2ee44 100644
889 --- a/modules/lookup_hesiod.c
890 +++ b/modules/lookup_hesiod.c
897 #include <netinet/in.h>
898 #include <arpa/nameser.h>
899 diff --git a/modules/lookup_hosts.c b/modules/lookup_hosts.c
900 index f8d4269..93b975a 100644
901 --- a/modules/lookup_hosts.c
902 +++ b/modules/lookup_hosts.c
908 #include <sys/param.h>
909 #include <sys/types.h>
910 #include <sys/stat.h>
911 diff --git a/modules/lookup_ldap.c b/modules/lookup_ldap.c
912 index 42c3235..6ba80eb 100644
913 --- a/modules/lookup_ldap.c
914 +++ b/modules/lookup_ldap.c
916 #include <sys/stat.h>
923 diff --git a/modules/lookup_multi.c b/modules/lookup_multi.c
924 index 601d48e..1bf2e0a 100644
925 --- a/modules/lookup_multi.c
926 +++ b/modules/lookup_multi.c
932 #include <sys/stat.h>
934 #define MODULE_LOOKUP
935 diff --git a/modules/lookup_nisplus.c b/modules/lookup_nisplus.c
936 index f15465f..4c3ce60 100644
937 --- a/modules/lookup_nisplus.c
938 +++ b/modules/lookup_nisplus.c
944 #include <sys/param.h>
945 #include <sys/types.h>
947 diff --git a/modules/lookup_program.c b/modules/lookup_program.c
948 index bf32d3b..6f4e2a3 100644
949 --- a/modules/lookup_program.c
950 +++ b/modules/lookup_program.c
957 #include <sys/param.h>
958 #include <sys/stat.h>
959 @@ -212,12 +211,12 @@ int lookup_mount(struct autofs_point *ap, const char *name, int name_len, void *
960 * want to send stderr to the syslog, and we don't use spawnl()
961 * because we need the pipe hooks
963 - if (pipe(pipefd)) {
964 + if (open_pipe(pipefd)) {
965 char *estr = strerror_r(errno, buf, MAX_ERR_BUF);
966 logerr(MODPREFIX "pipe: %s", estr);
969 - if (pipe(epipefd)) {
970 + if (open_pipe(epipefd)) {
974 diff --git a/modules/lookup_userhome.c b/modules/lookup_userhome.c
975 index 680ddaf..fb3caaa 100644
976 --- a/modules/lookup_userhome.c
977 +++ b/modules/lookup_userhome.c
984 #include <sys/param.h>
985 #include <sys/types.h>
986 diff --git a/modules/lookup_yp.c b/modules/lookup_yp.c
987 index 1b62f57..ce438e8 100644
988 --- a/modules/lookup_yp.c
989 +++ b/modules/lookup_yp.c
998 diff --git a/modules/mount_afs.c b/modules/mount_afs.c
999 index 96a1367..50628ce 100644
1000 --- a/modules/mount_afs.c
1001 +++ b/modules/mount_afs.c
1007 -#include <unistd.h>
1009 #include <sys/param.h>
1010 #include <sys/types.h>
1011 diff --git a/modules/mount_autofs.c b/modules/mount_autofs.c
1012 index eb63d8e..82a5ef3 100644
1013 --- a/modules/mount_autofs.c
1014 +++ b/modules/mount_autofs.c
1020 -#include <unistd.h>
1024 diff --git a/modules/mount_bind.c b/modules/mount_bind.c
1025 index 022d183..361f0c2 100644
1026 --- a/modules/mount_bind.c
1027 +++ b/modules/mount_bind.c
1033 -#include <unistd.h>
1036 #include <sys/param.h>
1037 diff --git a/modules/mount_changer.c b/modules/mount_changer.c
1038 index 43b8355..92bb72b 100644
1039 --- a/modules/mount_changer.c
1040 +++ b/modules/mount_changer.c
1046 -#include <unistd.h>
1048 #include <sys/param.h>
1049 #include <sys/types.h>
1050 @@ -145,25 +143,19 @@ int swapCD(const char *device, const char *slotName)
1052 int fd; /* file descriptor for CD-ROM device */
1053 int status; /* return status for system calls */
1056 int total_slots_available;
1058 slot = atoi(slotName) - 1;
1061 - fd = open(device, O_RDONLY | O_NONBLOCK);
1062 + fd = open_fd(device, O_RDONLY | O_NONBLOCK);
1064 logerr(MODPREFIX "Opening device %s failed : %s",
1065 device, strerror(errno));
1069 - if ((cl_flags = fcntl(fd, F_GETFD, 0)) != -1) {
1070 - cl_flags |= FD_CLOEXEC;
1071 - fcntl(fd, F_SETFD, cl_flags);
1074 /* Check CD player status */
1075 total_slots_available = ioctl(fd, CDROM_CHANGER_NSLOTS);
1076 if (total_slots_available <= 1) {
1077 diff --git a/modules/mount_ext2.c b/modules/mount_ext2.c
1078 index 4c5b271..192ec04 100644
1079 --- a/modules/mount_ext2.c
1080 +++ b/modules/mount_ext2.c
1086 -#include <unistd.h>
1089 #include <sys/param.h>
1090 diff --git a/modules/mount_generic.c b/modules/mount_generic.c
1091 index f094d07..6d7b4b3 100644
1092 --- a/modules/mount_generic.c
1093 +++ b/modules/mount_generic.c
1099 -#include <unistd.h>
1102 #include <sys/param.h>
1103 diff --git a/modules/mount_nfs.c b/modules/mount_nfs.c
1104 index c747078..20732f8 100644
1105 --- a/modules/mount_nfs.c
1106 +++ b/modules/mount_nfs.c
1112 -#include <unistd.h>
1115 #include <sys/param.h>
1116 diff --git a/modules/parse_hesiod.c b/modules/parse_hesiod.c
1117 index ff1f0a5..d5bb0f4 100644
1118 --- a/modules/parse_hesiod.c
1119 +++ b/modules/parse_hesiod.c
1121 #include <sys/types.h>
1124 -#include <unistd.h>
1126 #include <netinet/in.h>
1127 #include <arpa/nameser.h>
1128 diff --git a/modules/parse_sun.c b/modules/parse_sun.c
1129 index 2c4f8b2..72e51e2 100644
1130 --- a/modules/parse_sun.c
1131 +++ b/modules/parse_sun.c
1137 -#include <unistd.h>
1141 diff --git a/modules/replicated.c b/modules/replicated.c
1142 index b435f4b..63829a2 100644
1143 --- a/modules/replicated.c
1144 +++ b/modules/replicated.c
1147 #include <netinet/in.h>
1149 -#include <unistd.h>
1152 #include "rpc_subs.h"
1153 #include "replicated.h"
1154 @@ -82,7 +80,7 @@ void seed_random(void)
1158 - fd = open("/dev/urandom", O_RDONLY);
1159 + fd = open_fd("/dev/urandom", O_RDONLY);
1161 srandom(time(NULL));
1163 @@ -145,7 +143,7 @@ static unsigned int get_proximity(const char *host_addr, int addr_len)
1164 char tmp[20], buf[MAX_ERR_BUF], *ptr;
1166 struct ifreq *ifr, nmptr;
1167 - int sock, cl_flags, ret, i;
1169 uint32_t mask, ha, ia;
1171 memcpy(tmp, host_addr, addr_len);
1172 @@ -153,18 +151,13 @@ static unsigned int get_proximity(const char *host_addr, int addr_len)
1174 ha = ntohl((uint32_t) hst_addr->s_addr);
1176 - sock = socket(AF_INET, SOCK_DGRAM, 0);
1177 + sock = open_sock(AF_INET, SOCK_DGRAM, 0);
1179 char *estr = strerror_r(errno, buf, MAX_ERR_BUF);
1180 logerr("socket creation failed: %s", estr);
1181 return PROXIMITY_ERROR;
1184 - if ((cl_flags = fcntl(sock, F_GETFD, 0)) != -1) {
1185 - cl_flags |= FD_CLOEXEC;
1186 - fcntl(sock, F_SETFD, cl_flags);
1189 if (!alloc_ifreq(&ifc, sock)) {
1191 return PROXIMITY_ERROR;