From 7a7c31f551ff167f8718aea6d5048f6288d60205 Mon Sep 17 00:00:00 2001
From: Lubos Kardos <lkardos@redhat.com>
Date: Wed, 25 May 2016 14:52:00 +0200
Subject: [PATCH] Set FD_CLOEXEC on opened files before exec from lua script is
 called

rhbz:919801
---
 luaext/lposix.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/luaext/lposix.c b/luaext/lposix.c
index c578c5a111..0a7c26c71a 100644
--- a/luaext/lposix.c
+++ b/luaext/lposix.c
@@ -335,10 +335,22 @@ static int Pexec(lua_State *L)			/** exec(path,[args]) */
 	const char *path = luaL_checkstring(L, 1);
 	int i,n=lua_gettop(L);
 	char **argv;
+	int flag, fdno, open_max;
 
 	if (!have_forked)
 	    return luaL_error(L, "exec not permitted in this context");
 
+	open_max = sysconf(_SC_OPEN_MAX);
+	if (open_max == -1) {
+	    open_max = 1024;
+	}
+	for (fdno = 3; fdno < open_max; fdno++) {
+	    flag = fcntl(fdno, F_GETFD);
+	    if (flag == -1 || (flag & FD_CLOEXEC))
+		continue;
+	    fcntl(fdno, F_SETFD, FD_CLOEXEC);
+	}
+
 	argv = malloc((n+1)*sizeof(char*));
 	if (argv==NULL) return luaL_error(L,"not enough memory");
 	argv[0] = (char*)path;