* cygwin.din (dup3): Export.

(pipe2): Export.
	* dtable.cc (dtable::dup_worker): Take additional flags parameter.
	Handle O_CLOEXEC flag.
	(dtable::dup3): Rename from dup2.  Take additional flags parameter.
	Check for valid flags.  Drop check for newfd == oldfd.
	* dtable.h (dtable::dup_worker): Add flags parameter.
	(dtable::dup3): Rename from dup2.
	* fcntl.cc (fcntl64): Add F_DUPFD_CLOEXEC case.
	* fhandler.h (fhandler_mailslot::get_object_attr): Add flags parameter.
	* fhandler.cc (fhandler_base::open): Use security attribute with
	inheritance according to setting of O_CLOEXEC flag.
	* fhandler_console.cc (fhandler_console::open): Ditto.
	* fhandler_fifo.cc (sec_user_cloexec): New inline function to
	create security attribute with inheritance according to setting of
	O_CLOEXEC flag.
	(fhandler_fifo::open): Call sec_user_cloexec to fetch security
	attribute.
	(fhandler_fifo::wait): Ditto.
	* fhandler_mem.cc (fhandler_dev_mem::open): Ditto.
	* fhandler_mailslot.cc (fhandler_mailslot::get_object_attr): Take
	additional flags parameter.  Use security attribute with inheritance
	according to setting of O_CLOEXEC flag.
	(fhandler_mailslot::open): Call get_object_attr with flags parameter.
	* fhandler_registry.cc (fhandler_registry::open): Call set_close_on_exec
	on real handles to accommodate O_CLOEXEC flag.
	* fhandler_tty.cc (fhandler_tty_slave::open): Ditto.
	* fhandler_tape.cc: Create mutex with inheritance according to setting
	of O_CLOEXEC flag.
	* pipe.cc: Replace usage of O_NOINHERIT with O_CLOEXEC.
	 (fhandler_pipe::init): Simplify setting close_on_exec flag.
	(fhandler_pipe::open): Remove setting close_on_exec flag.
	(fhandler_pipe::create): Use security attribute with inheritance
	according to setting of O_CLOEXEC flag.
	(pipe2): New exported function.
	* posix_ipc.cc: Throughout, open backing files with O_CLOEXEC
	flag to follow POSIX semantics.
	* security.h (sec_none_cloexec): New define.
	* syscalls.cc (dup): Add missing extern "C" qualifier.  Accommodate
	renaming of dtable::dup2 to dtable::dup3.
	(dup2): Ditto.  Check newfd == oldfd here.
	(dup3): New function.  Check newfd == oldfd here.
	(open): Set close_on_exec flag according to O_CLOEXEC flag before
	calling fhandler->open.
	* include/cygwin/version.h (CYGWIN_VERSION_API_MINOR): Bump.

winsup/cygwin/fhandler_fifo.cc

@@ -1,6 +1,6 @@
 /* fhandler_fifo.cc - See fhandler.h for a description of the fhandler classes.
 
-   Copyright 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009 Red Hat, Inc.
+   Copyright 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 Red Hat, Inc.
 
    This file is part of Cygwin.
 
@@ -70,6 +70,11 @@ fhandler_fifo::fifo_name (char *buf)
 			       PIPE_UNLIMITED_INSTANCES, (s), (s), \
 			       NMPWAIT_WAIT_FOREVER, sa_buf)
 
+inline PSECURITY_ATTRIBUTES
+sec_user_cloexec (bool cloexec, PSECURITY_ATTRIBUTES sa, PSID sid)
+{
+  return cloexec ? sec_user_nih (sa, sid) : sec_user (sa, sid);
+}
 
 int
 fhandler_fifo::open (int flags, mode_t)
@@ -94,7 +99,8 @@ fhandler_fifo::open (int flags, mode_t)
     {
       char char_sa_buf[1024];
       LPSECURITY_ATTRIBUTES sa_buf =
-	sec_user ((PSECURITY_ATTRIBUTES) char_sa_buf, cygheap->user.sid());
+	sec_user_cloexec (flags & O_CLOEXEC, (PSECURITY_ATTRIBUTES) char_sa_buf,
+			  cygheap->user.sid());
       bool do_seterrno = true;
 
       HANDLE h;
@@ -205,7 +211,9 @@ fhandler_fifo::wait (bool iswrite)
       fifo_name (npname);
       char char_sa_buf[1024];
       LPSECURITY_ATTRIBUTES sa_buf;
-      sa_buf = sec_user ((PSECURITY_ATTRIBUTES) char_sa_buf, cygheap->user.sid());
+      sa_buf = sec_user_cloexec (close_on_exec (),
+				 (PSECURITY_ATTRIBUTES) char_sa_buf,
+				 cygheap->user.sid());
       while (1)
 	{
 	  if (WaitNamedPipe (npname, 10))