From owner-cvs-all Sun Dec 10 16:42:48 2000 From owner-cvs-all@FreeBSD.ORG Sun Dec 10 16:42:43 2000 Return-Path: Delivered-To: cvs-all@freebsd.org Received: from Awfulhak.org (awfulhak.demon.co.uk [194.222.196.252]) by hub.freebsd.org (Postfix) with ESMTP id 0BBED37B400; Sun, 10 Dec 2000 16:42:42 -0800 (PST) Received: from hak.lan.Awfulhak.org (root@hak.lan.awfulhak.org [172.16.0.12]) by Awfulhak.org (8.11.1/8.11.1) with ESMTP id eBB0ehH16544; Mon, 11 Dec 2000 00:40:44 GMT (envelope-from brian@lan.awfulhak.org) Received: from hak.lan.Awfulhak.org (brian@localhost [127.0.0.1]) by hak.lan.Awfulhak.org (8.11.1/8.11.1) with ESMTP id eBB0hYV06366; Mon, 11 Dec 2000 00:43:34 GMT (envelope-from brian@hak.lan.Awfulhak.org) Message-Id: <200012110043.eBB0hYV06366@hak.lan.Awfulhak.org> X-Mailer: exmh version 2.2 06/23/2000 with nmh-1.0.4 To: Robert Watson Cc: Brian Somers , Dag-Erling Smorgrav , "David E. O'Brien" , cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org, brian@Awfulhak.org Subject: Re: cvs commit: src/etc crontab In-Reply-To: Message from Robert Watson of "Sat, 09 Dec 2000 22:42:41 EST." Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Mon, 11 Dec 2000 00:43:34 +0000 From: Brian Somers Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > > On Sat, 9 Dec 2000, Brian Somers wrote: > > > It makes things a bit un-orthogonal though. Maybe something like > > this would be more appropriate: > > > > 1 3 * * * root lockf /var/run/periodic periodic daily > > 1 3 * * 6 root lockf /var/run/periodic periodic weekly > > 1 3 1 * * root lockf /var/run/periodic periodic monthly > > While this is really much cleaner and appealing to me, it runs into the > usual file locking problem: since they're advisory, they're inter-user and > enforced for root (!). As such, any random process running as any random > user can acquire the lock and stack up all your periodic scripts, DoSing > you. And it's hard to track down, too, since it's hard to figure out what > processes own what locks. This actually applies to a really large number > of other related problems: for example, when locking is used to protect > mailboxes, any user can deny service by acquiring locks on all mailboxes, > etc. Usually the solution is to only use locks on objects which are > appropriately protected, unfortunately. I chose /var/run because it's only writable by root. > On a related note, this is also more susceptible to cascading failure, as > it queues the work rather than canceling it if resources aren't available. This is no worse than what's already there though. I guess it would make sense to have a job run at 5:00 that checks the lock and moans if it still exists.... but I think that's a bit horrible. > Robert N M Watson FreeBSD Core Team, TrustedBSD Project > robert@fledge.watson.org NAI Labs, Safeport Network Services -- Brian Don't _EVER_ lose your sense of humour ! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message