Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 18 Jun 2002 18:37:53 -0400 (EDT)
From:      "Geoffrey C. Speicher" <geoff@sea-incorporated.com>
To:        "Matthew D. Fuller" <fullermd@over-yonder.net>
Cc:        freebsd-stable@freebsd.org, Matt Simerson <freebsd@blockads.com>, Paul Herman <pherman@frenchfries.net>
Subject:   Re: bug in pw, -STABLE [patch]
Message-ID:  <20020618181252.D87892-100000@sea-incorporated.com>
In-Reply-To: <20020618042939.GF72664@over-yonder.net>

next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 17 Jun 2002, Matthew D. Fuller wrote:

> On Fri, May 17, 2002 at 06:40:57PM -0400 I heard the voice of
> Geoffrey C. Speicher, and lo! it spake thus:
>
> >  3. The lockfile is never deleted, because doing so seemed to cause a
> >     race condition between the time the file was closed and unlinked,
> >     leading to password file corruption again.  If anyone has a solution
> >     to this, please speak up.
>
> Sure; unlink it before you close it.

That's what I thought at first, too, but I tried it and somehow I was able
to corrupt the password file anyway.  I never did figure out why.  Maybe I
was just running the wrong binary.  I guess it's irrelevant for this
discussion, because:

> However, we can avoid that by using O_CREAT | O_EXCL (rather than using
> O_EXLOCK, which uses flock(2)-style stuff).  That way, if the file
> exists, it's locked, so drop out.

Good point.  This was also pointed out to me by Paul Herman (I copied him
on this message) a day or so after I posted the original message.  Using
flock-style locks is probably overkill.

> However, I'd make a few changes and additions.
[snip]
> How does that all strike you?

All this makes good sense to me.  Just one thing I'd like to toss out for
comments: from what I've seen, pw(8) is frequently run from within
non-interactive scripts.  Unless I'm reading them wrong, your patches will
make pw(8) fail with an error message if the password file is already
locked.  I wonder if it should instead block and complete after the lock
has been released, rather than force script authors to check for that
themselves.

(This is in fact how my original flock-style patches behaved.)

What do you think?

Geoff


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020618181252.D87892-100000>