Date: Thu, 21 Sep 2006 15:24:12 -0700 From: Chuck Swiger <cswiger@mac.com> To: Robert Joosten <robert@ml.erje.net> Cc: questions@freebsd.org Subject: Re: 6.1 and NFS Message-ID: <6180D198-A44B-46D0-8A0B-FC5D3ACA115C@mac.com> In-Reply-To: <20060921214316.GD673@iphouse.com> References: <C87B42D9-AF83-4DFC-9E13-53FCD874A444@obmail.net> <20060921182252.GA24321@xor.obsecurity.org> <20060921214316.GD673@iphouse.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sep 21, 2006, at 2:43 PM, Robert Joosten wrote: >> rpc.lockd remains unreliable; avoid using it if practical. > > Hmmm, is there a way to run pxe-boxes without rpc.lockd and then still > able to run adduser and so on ? Safely? No. But then, flock() doesn't work via NFS even if rpc.lockd is running, so you aren't any worse off. Details follow: adduser invokes pw underneath, and pw should share the same password locking convention that vipw uses to avoid simultaneous/conflicting updates to the password files. Both pw and vipw use the pw_lock() routine from src/lib/libutil: pw_lock(void) { if (*masterpasswd == '\0') return (-1); /* * If the master password file doesn't exist, the system is hosed. * Might as well try to build one. Set the close-on-exec bit so * that users can't get at the encrypted passwords while editing. * Open should allow flock'ing the file; see 4.4BSD. XXX */ for (;;) { struct stat st; lockfd = open(masterpasswd, O_RDONLY, 0); if (lockfd < 0 || fcntl(lockfd, F_SETFD, 1) == -1) err(1, "%s", masterpasswd); /* XXX vulnerable to race conditions */ if (flock(lockfd, LOCK_EX|LOCK_NB) == -1) { if (errno == EWOULDBLOCK) { errx(1, "the password db file is busy"); } else { err(1, "could not lock the passwd file: "); } } [ ... ] Note the "XXX"es. And, as Mark said in the section I quoted in my previous email on this thread: > flock() always returns as if it succeeded on NFS files, when in > fact it is a no-op. There is no way around this. However, I believe that some systems have actually re-implemented the BSD flock() call in terms of calling the POSIX lockf(), which would attempt to use rpc.lockd and thus have some chance of working over NFS. I believe this was done in Linux by Andy Walker and for MacOS X by Justin Walker (odd naming coincidence, there), IIRC; perhaps some of these changes have made their way back to the other BSDs. -- -Chuck
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6180D198-A44B-46D0-8A0B-FC5D3ACA115C>