diff options
-rw-r--r-- | src/sss_client/nss_mc_common.c | 17 |
1 files changed, 16 insertions, 1 deletions
diff --git a/src/sss_client/nss_mc_common.c b/src/sss_client/nss_mc_common.c index d910e17ba..400042eb1 100644 --- a/src/sss_client/nss_mc_common.c +++ b/src/sss_client/nss_mc_common.c @@ -83,6 +83,12 @@ errno_t sss_nss_check_header(struct sss_cli_mc_ctx *ctx) return 0; } +#ifdef O_CLOEXEC +#define SSS_MC_OPEN_FLAGS O_RDONLY|O_CLOEXEC +#else +#define SSS_MC_OPEN_FLAGS O_RDONLY +#endif + errno_t sss_nss_mc_get_ctx(const char *name, struct sss_cli_mc_ctx *ctx) { struct stat fdstat; @@ -106,10 +112,19 @@ errno_t sss_nss_mc_get_ctx(const char *name, struct sss_cli_mc_ctx *ctx) goto done; } - ctx->fd = open(file, O_RDONLY|O_CLOEXEC); + ctx->fd = open(file, SSS_MC_OPEN_FLAGS); if (ctx->fd == -1) { ret = EIO; goto done; +#ifndef O_CLOEXEC + } else { + int v; + + v = fcntl(ctx->fd, F_GETFD, 0); + /* we ignore an error, it's not fatal and there is nothing we + * can do about it anyways */ + (void)fcntl(ctx->fd, F_SETFD, v | FD_CLOEXEC); +#endif } ret = fstat(ctx->fd, &fdstat); |