Do not close error pipe or debug fd via closefrom() as we need them

to report an exec error should one occur.

common/sudo_debug.c

@@ -398,3 +398,20 @@ sudo_debug_execve2(int level, const char *path, char *const argv[], char *const
     sudo_debug_write(buf, buflen);
     free(buf);
 }
+
+/*
+ * Dup sudo_debug_fd to the specified value so we don't
+ * close it when calling closefrom().
+ */
+int
+sudo_debug_fd_set(int fd)
+{
+    if (sudo_debug_fd != -1 && fd != sudo_debug_fd) {
+	if (dup2(sudo_debug_fd, fd) == -1)
+	    return -1;
+	(void)fcntl(fd, F_SETFD, FD_CLOEXEC);
+	close(sudo_debug_fd);
+	sudo_debug_fd = fd;
+    }
+    return sudo_debug_fd;
+}