Use close_range(2) in closefrom() emulation if available.

On Linux, prefer our own closefrom() emulation since the glibc
version may fail if /proc is not present and close_range() is not
supported.  On FreeBSD, closefrom(3) will either call the closefrom
or close_range system call, depending on which is available.

lib/util/closefrom.c

@@ -1,7 +1,7 @@
 /*
  * SPDX-License-Identifier: ISC
  *
- * Copyright (c) 2004-2005, 2007, 2010, 2012-2015, 2017-2021
+ * Copyright (c) 2004-2005, 2007, 2010, 2012-2015, 2017-2022
  *	Todd C. Miller <Todd.Miller@sudo.ws>
  *
  * Permission to use, copy, modify, and distribute this software for any
@@ -39,6 +39,9 @@
 #ifdef HAVE_LIBPROC_H
 # include <libproc.h>
 #endif
+#ifdef HAVE_LINUX_CLOSE_RANGE_H
+# include <linux/close_range.h>
+#endif
 
 #include "sudo_compat.h"
 #include "sudo_util.h"
@@ -107,6 +110,9 @@ sudo_closefrom(int lowfd)
 #if defined(HAVE_FCNTL_CLOSEM)
     if (fcntl(lowfd, F_CLOSEM, 0) != -1)
 	return;
+#elif defined(HAVE_CLOSE_RANGE)
+    if (close_range(lowfd, ~0U, 0) != -1)
+	return;
 #elif defined(HAVE_PROC_PIDINFO)
     len = proc_pidinfo(pid, PROC_PIDLISTFDS, 0, NULL, 0);
     switch (len) {