+/* From captive/src/libcaptive/sandbox/split.c/captive_sandbox_fd_closeup(): */
+#define g_return_if_fail(cond) do { if (!(cond)) { ERROR("FAIL: " #cond ); return; } } while (0)
+#define g_assert(cond) do { if (!(cond)) ERROR("FAIL: " #cond ); } while (0)
+static void fd_closeup(int fd_first_to_delete,int exception)
+{
+DIR *dir;
+int errint;
+int dir_fd;
+struct dirent *dirent;
+
+ dir=opendir("/proc/self/fd/");
+ g_return_if_fail(dir!=NULL);
+ dir_fd=dirfd(dir);
+ g_return_if_fail(dir_fd!=-1);
+
+ while (errno=0,(dirent=readdir(dir))) {
+long dirent_fd;
+char *endptr;
+
+ if (0
+ || !strcmp(dirent->d_name,".")
+ || !strcmp(dirent->d_name,".."))
+ continue;
+ dirent_fd=strtol(dirent->d_name,&endptr,10 /* base */);
+ g_assert(dirent_fd>=0 && (!endptr || !*endptr));
+ if (dirent_fd<fd_first_to_delete || dirent_fd==dir_fd || dirent_fd==exception)
+ continue;
+
+ errint=close(dirent_fd);
+ g_assert(errint==0);
+ errno=0;
+ errint=close(dirent_fd);
+ g_assert(errint==-1); g_assert(errno==EBADF);
+ }
+ g_return_if_fail(errno==0); /* check for EOF */
+
+ errint=closedir(dir);
+ g_return_if_fail(errint==0);
+ errno=0;
+ close(dir_fd); g_assert(errno==EBADF); /* just a bit of paranoia; it should be already closed by closedir() */
+}
+#undef g_return_if_fail
+#undef g_assert
+