lib: add and use set_cloexec()

watchquagga is already leaking an open file descriptor on its pid file
on fork+exec() invocations; next up is adding vtysh support with even
more fds.  Mark things CLOEXEC before going there.

Signed-off-by: David Lamparter <equinox@opensourcerouting.org>

1 files changed, 7 insertions, 1 deletions

diff --git a/lib/vty.c b/lib/vty.c
index 171aca1739..10ae99db07 100644
--- a/lib/vty.c
+++ b/lib/vty.c
@@ -1841,6 +1841,7 @@ vty_accept (struct thread *thread)
       return -1;
     }
   set_nonblocking(vty_sock);
+  set_cloexec(vty_sock);
 
   sockunion2hostprefix (&su, &p);
 
@@ -1939,6 +1940,7 @@ vty_serv_sock_addrinfo (const char *hostname, unsigned short port)
       sockopt_v6only (ainfo->ai_family, sock);
       sockopt_reuseaddr (sock);
       sockopt_reuseport (sock);
+      set_cloexec (sock);
 
       ret = bind (sock, ainfo->ai_addr, ainfo->ai_addrlen);
       if (ret < 0)
@@ -2006,6 +2008,7 @@ vty_serv_sock_family (const char* addr, unsigned short port, int family)
   /* This is server, so reuse address. */
   sockopt_reuseaddr (accept_sock);
   sockopt_reuseport (accept_sock);
+  set_cloexec (accept_sock);
 
   /* Bind socket to universal address and given port. */
   ret = sockunion_bind (accept_sock, &su, port, naddr);
@@ -2068,6 +2071,8 @@ vty_serv_un (const char *path)
   len = sizeof (serv.sun_family) + strlen (serv.sun_path);
 #endif /* HAVE_STRUCT_SOCKADDR_UN_SUN_LEN */
 
+  set_cloexec (sock);
+
   ret = bind (sock, (struct sockaddr *) &serv, len);
   if (ret < 0)
     {
@@ -2135,7 +2140,8 @@ vtysh_accept (struct thread *thread)
       close (sock);
       return -1;
     }
-  
+  set_cloexec(sock);
+
 #ifdef VTYSH_DEBUG
   printf ("VTY shell accept\n");
 #endif /* VTYSH_DEBUG */