Now that we've moved to atomic replacement of these files when altering
them, we don't need to keep them open for the lifetime of Core::Account
so just simplify this and close them when they are not needed.
Before this patch, we had a nasty race condition when changing a user's
password: there was a time window between truncating /etc/shadow and
writing out its new contents, where you could simply "su" to root
without using a password.
Instead of writing directly to /etc/passwd and /etc/shadow, we now
create temporary files in /etc and fill them with the new contents.
Those files are then atomically renamed to /etc/passwd and /etc/shadow.
Sadly, fixing this race requires giving the passwd program a lot more
privileges. This is something we can and should improve upon. :^)
Apparently memfd_create() is newish in glibc, and oss-fuzz
uses Ubuntu 16.04 as base for its docker images, which doens't
yet have memfd_create(). But, not to worry, it does have the syscall
define and that's all we really need :/
SOCK_NONBLOCK is a linux-ism that serenity and linux support. For lagom
builds, we use ioctl/fcntl to get a non-blocking socket the old
fashioned way. Some file re-org unhid the fcntl.h dependency of TcpServer,
so add the header explicitly.
This API was a mostly gratuitous deviation from POSIX that gave up some
portability in exchange for avoiding the occasional strlen().
I don't think that was actually achieving anything valuable, so let's
just chill out and have the same open() API as everyone else. :^)
