Bug 33155

Summary: [PATCH] sshd can leave hanging processes
Product: Base System
Reporter: peter.jeremy <peter.jeremy>
Component: bin
Assignee: Dag-Erling Smørgrav <des>
Status: Closed FIXED    
Severity: Affects Only Me    
Priority: Normal    
Version: 4.5-PRERELEASE   
Hardware: Any   
OS: Any   
Attachments:
Description Flags
file.diff none

Description peter.jeremy 2001-12-24 22:20:01 UTC
	When processing an incoming connection, sshd forks to create a child
	to manage the specific connection.  That child forks a second time
	with the second child used to manage PAM authentication.  If OPIE
	authentication is being used and the client aborts the authentication
	process then the second child will never terminate.  Any further
	attempt to log in as that user will fail because of the presence
	of the hanging process and lock file.

	Note that the process never times out - LoginGraceTime has no
	effect on the second child because the interval timer is not
	inherited across the fork (see separate PR to be written).

Fix: When the sshd process forks to manage PAM authentication, the
	parent and child share 3 pipes for IPC.  Neither the parent nor
	the child closes the unused ends of the pipes, so the child does
	not detect the parent's death.  The following patch closes
	the unused ends of the pipes.
How-To-Repeat: 	Configure /etc/pam.conf as follows:
sshd    auth    required        pam_opie.so
sshd    auth    required        pam_unix.so                     try_first_pass
sshd    account required        pam_unix.so
sshd    password required       pam_permit.so
sshd    session required        pam_permit.so
csshd   auth    required        pam_opie.so

	Create an OPIE key for a user and insert into /etc/opiekeys.
	Log into the host as that user:
$ slogin -l user -oTISAuthentication=yes hostname
	At the password prompt, enter Ctrl-C (or otherwise kill the client).
	On the server, a stray sshd process and /var/spool/opielocks/user
	file will be left behind.  Further attempts to log in will always
	result in failure.
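
The descriptor behaviour behind the Fix paragraph above, as an added example that is not part of the original report, its attached patch, or sshd's code: a child that keeps its inherited copy of the write end of a parent-to-child pipe never sees EOF when the parent goes away. The function name and the poll() timeout are assumptions made for the demonstration; one pipe stands in for the three the report mentions, and the parent closing its descriptors stands in for the parent exiting.

```c
#include <poll.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical helper: returns 1 if the child sees EOF once the parent's
 * descriptors are gone, 0 if it is still waiting after timeout_ms, and
 * -1 on a setup error. */
int child_detects_parent_exit(int close_unused_end, int timeout_ms)
{
    int p2c[2];                          /* parent -> child pipe */
    if (pipe(p2c) == -1)
        return -1;

    pid_t pid = fork();
    if (pid == -1)
        return -1;

    if (pid == 0) {                      /* child only reads p2c[0] */
        if (close_unused_end)
            close(p2c[1]);               /* drop the inherited write end */
        struct pollfd pfd = { .fd = p2c[0], .events = POLLIN };
        char c;
        /* poll() stands in for a blocking read() so the demo terminates;
         * without the timeout the unfixed child would wait forever. */
        if (poll(&pfd, 1, timeout_ms) > 0 && read(p2c[0], &c, 1) == 0)
            _exit(0);                    /* EOF: every writer is gone */
        _exit(1);                        /* still blocked: a writer remains */
    }

    /* Parent: closing both ends is what the kernel does when it exits. */
    close(p2c[0]);
    close(p2c[1]);
    int status;
    if (waitpid(pid, &status, 0) == -1)
        return -1;
    return WIFEXITED(status) && WEXITSTATUS(status) == 0;
}

int main(void)
{
    printf("unused end left open: detected=%d\n", child_detects_parent_exit(0, 300));
    printf("unused end closed:    detected=%d\n", child_detects_parent_exit(1, 300));
    return 0;
}
```

In the first case the child itself is the last remaining writer on the pipe, so the kernel never reports end-of-file to it.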
Comment 1 Sheldon Hearn freebsd_committer freebsd_triage 2002-01-09 14:35:42 UTC
Responsible Changed
From-To: freebsd-bugs->green

Over to the OpenSSH maintainer.
Comment 2 Brian Feldman freebsd_committer freebsd_triage 2003-07-13 05:23:05 UTC
Responsible Changed
From-To: green->des

ssh over to DES
Comment 3 Dag-Erling Smørgrav freebsd_committer freebsd_triage 2003-07-14 11:27:06 UTC
State Changed
From-To: open->closed

OBE