Force FD_CLOEXEC on all potentially open descriptors

- instead of just "100 should be large enough", use sysconf() to grab
  number of max open files and do them all. If sysconf() fails,
  use 1024 as "should be enough for everybody"

diff --git a/lib/psm.c b/lib/psm.c
index ad2f619..d4bea69 100644 (file)
--- a/lib/psm.c
+++ b/lib/psm.c
@@ -582,6 +582,7 @@ static void doScriptExec(rpmts ts, ARGV_const_t argv, rpmtd prefixes,
     int flag;
     int fdno;
     int xx;
+    int open_max;
 
     pipes[0] = pipes[1] = 0;
     /* make stdin inaccessible */
@@ -590,8 +591,12 @@ static void doScriptExec(rpmts ts, ARGV_const_t argv, rpmtd prefixes,
     xx = dup2(pipes[0], STDIN_FILENO);
     xx = close(pipes[0]);
 
-    /* XXX Force FD_CLOEXEC on 1st 100 inherited fdno's. */
-    for (fdno = 3; fdno < 100; fdno++) {
+    /* XXX Force FD_CLOEXEC on all inherited fdno's. */
+    open_max = sysconf(_SC_OPEN_MAX);
+    if (open_max == -1) {
+       open_max = 1024;
+    }
+    for (fdno = 3; fdno < open_max; fdno++) {
        flag = fcntl(fdno, F_GETFD);
        if (flag == -1 || (flag & FD_CLOEXEC))
            continue;