From owner-freebsd-hackers Sun Jun 23 17: 8:43 2002 Delivered-To: freebsd-hackers@freebsd.org Received: from avocet.mail.pas.earthlink.net (avocet.mail.pas.earthlink.net [207.217.120.50]) by hub.freebsd.org (Postfix) with ESMTP id 6778337B400 for ; Sun, 23 Jun 2002 17:08:38 -0700 (PDT) Received: from pool0336.cvx22-bradley.dialup.earthlink.net ([209.179.199.81] helo=mindspring.com) by avocet.mail.pas.earthlink.net with esmtp (Exim 3.33 #2) id 17MHOz-0007cP-00; Sun, 23 Jun 2002 17:08:18 -0700 Message-ID: <3D1662CC.FE6F6D49@mindspring.com> Date: Sun, 23 Jun 2002 17:07:40 -0700 From: Terry Lambert X-Mailer: Mozilla 4.7 [en]C-CCK-MCD {Sony} (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: Paul Herman Cc: "Matthew D. Fuller" , "Geoffrey C. Speicher" , freebsd-hackers@FreeBSD.ORG Subject: Re: bug in pw, -STABLE [patch] References: <20020623111412.V38509-100000@mammoth.eat.frenchfries.net> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Paul Herman wrote: > Fine, then lock them both, and use rename(). Patch attached. > > In fact, if you look at fileupdate(), you see that it already gains > an exclusive lock on the temp file, but not the original > "/etc/master.passwd" (if you will.) I think this is a bug, because > the original is getting modified (at least in name space), so that > should be locked while pw(8) is operating. > > What do you think? Don't use an exclusive open. Use a standard lock file lock mechanism. The problem with your proposed patch is that it breaks the ability to allow authentication against the database while it is undergoing modification, which may be a prolonged period. The correct way to deal with this is to make a hard link against the file, verify that the link count is exactly 2, and if it's not, back off and fail. You are only permitted to write the file if you are the one that made the second link. Since both rename and link are atomic operations in the directory, you are safe. -- Terry To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message