From 16c33bfb073d5fd0ba45c0db9daa386c482cc99e Mon Sep 17 00:00:00 2001
From: Ludovic Courtès <ludo@gnu.org>
Date: Mon, 2 Mar 2015 20:34:37 +0100
Subject: services: xorg: Fix file descriptor leak from SLiM/xinitrc.

This reverts commit 9515b745547cff08ad5b958bc54323dab19f29b9.

* gnu/services/xorg.scm (xinitrc)[builder](close-all-fdes): Start from
  file descriptor 3.
---
 gnu/services/xorg.scm | 12 ++++++++++++
 1 file changed, 12 insertions(+)

(limited to 'gnu/services/xorg.scm')

diff --git a/gnu/services/xorg.scm b/gnu/services/xorg.scm
index 69a89584e0..562f57ffa0 100644
--- a/gnu/services/xorg.scm
+++ b/gnu/services/xorg.scm
@@ -155,6 +155,13 @@ (define builder
     #~(begin
         (use-modules (ice-9 match))
 
+        (define (close-all-fdes)
+          ;; Close all the open file descriptors except 0 to 2.
+          (let loop ((fd 3))
+            (when (< fd 4096)               ;FIXME: use sysconf + _SC_OPEN_MAX
+              (false-if-exception (close-fdes fd))
+              (loop (+ 1 fd)))))
+
         (define (exec-from-login-shell command . args)
           ;; Run COMMAND from a login shell so that it gets to see the same
           ;; environment variables that one gets when logging in on a tty, for
@@ -163,6 +170,11 @@ (define (exec-from-login-shell command . args)
                  (shell (passwd:shell pw))
                  (st    (stat command #f)))
             (when (and st (not (zero? (logand (stat:mode st) #o100))))
+              ;; Close any open file descriptors.  This is all the more
+              ;; important that SLiM itself exec's us directly without closing
+              ;; its own file descriptors!
+              (close-all-fdes)
+
               ;; The '--login' option is supported at least by Bash and zsh.
               (execl shell shell "--login" "-c"
                      (string-join (cons command args))))))
-- 
cgit v1.2.3