From: Matthew Dillon
Date: Sun, 15 Aug 2004 14:36:51 -0700 (PDT)
Message-Id: <200408152136.i7FLapSg024733@apollo.backplane.com>
To: Tim Kientzle
References: <20040813235434.GA75875@xor.obsecurity.org> <411FCCCC.8040508@freebsd.org>
cc: current@freebsd.org
cc: Kris Kennaway
Subject: Re: bsdtar's security restrictions (was Re: Spurious EACCES errors from apache)

:> This is bad when some of those directories
:> already exist, because other processes trying to access files in the
:> directory hierarchy may lose the race and fail.
:
:I don't think I understand what
:exactly you're trying to do.
:
:You are extracting archives over an existing directory
:that is currently being served by an Apache process in
:order to refresh some (presumably) small number of files?
:
:Give me some more details about your situation and I'll
:see what I can come up with.
:
:Tim

Using tar for that sort of thing is a bad idea anyway, since tar (and bsdtar) do not use the create-temporary/write/rename trick to atomically replace files. This means that a live server like a web server could easily 'catch' files in the middle of being written, leading to odd errors.

A far better way to handle updates is to extract to a temporary directory and then use something like 'cpdup -o' (/usr/ports/sysutils/cpdup), which does properly use the rename trick, to update the live master. Or, alternatively, NFS mount the master and use cpdup to update each slave (being sure to synchronize against the master so you don't catch the master in the middle of an update).

-Matt
Matthew Dillon
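
The create-temporary/write/rename trick named in the message above, applied to syncing an extracted staging directory into a live tree. This is an added example, not part of the original message and not cpdup's code; the function names `atomic_install` and `sync_tree` are hypothetical, and it assumes regular files on a POSIX filesystem.

```python
import os
import shutil
import tempfile


def atomic_install(src, dst):
    """Copy src over dst so a reader sees the old file or the new one, never a partial write."""
    dst_dir = os.path.dirname(dst) or "."
    # The temporary file must be created in the destination directory:
    # rename(2) is only atomic within a single filesystem.
    fd, tmp = tempfile.mkstemp(prefix=".tmp.", dir=dst_dir)
    try:
        with os.fdopen(fd, "wb") as out, open(src, "rb") as inp:
            shutil.copyfileobj(inp, out)
            out.flush()
            os.fsync(out.fileno())   # contents are on disk before the name changes
        shutil.copymode(src, tmp)    # mkstemp creates mode 0600; carry over the source mode
        os.replace(tmp, dst)         # atomic swap of the directory entry
    except BaseException:
        try:
            os.unlink(tmp)           # do not leave a stray temporary in the live tree
        except FileNotFoundError:
            pass
        raise


def sync_tree(staging, live):
    """Install every file under staging into live; existing directories are left in place."""
    updated = []
    for root, _dirs, files in os.walk(staging):
        rel = os.path.relpath(root, staging)
        target_dir = os.path.normpath(os.path.join(live, rel))
        os.makedirs(target_dir, exist_ok=True)   # never removes or recreates a directory
        for name in sorted(files):
            atomic_install(os.path.join(root, name), os.path.join(target_dir, name))
            updated.append(os.path.normpath(os.path.join(rel, name)))
    return sorted(updated)
```

A process that already has the old file open keeps reading the old contents in full, because the rename swaps the directory entry rather than rewriting the file in place.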