Add O_CLOEXEC to open flags and drop the call to fcntl

juspence · Oct 28, 2021 · 30cbd35 · 30cbd35
1 parent d62c38a
commit 30cbd35
Showing 1 changed file with 1 addition and 7 deletions.
diff --git a/src/auditd-event.c b/src/auditd-event.c
@@ -1224,7 +1224,7 @@ static int open_audit_log(void)
 	if (config->write_logs == 0)
 		return 0;
 
-	flags = O_WRONLY|O_APPEND|O_NOFOLLOW;
+	flags = O_WRONLY|O_APPEND|O_NOFOLLOW|O_CLOEXEC;
 	if (config->flush == FT_DATA)
 		flags |= O_DSYNC;
 	else if (config->flush == FT_SYNC)
@@ -1269,12 +1269,6 @@ static int open_audit_log(void)
 		}
 	}
 
-	if (fcntl(lfd, F_SETFD, FD_CLOEXEC) == -1) {
-		audit_msg(LOG_ERR, "Error setting log file CLOEXEC flag (%s)",
-			strerror(errno));
-		close(lfd);
-		return 1;
-	}
 	if (fchmod(lfd, config->log_group ? S_IRUSR|S_IWUSR|S_IRGRP :
 							S_IRUSR|S_IWUSR) < 0) {
 		audit_msg(LOG_ERR,