[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[no subject]



Now the problems: 
	1) There has to be some agreement about what kind of locking is
taking place. WRT /etc/passwd, traditional BSD used the /etc/.pwd.lock,
SYSV uses lockf/fcntl *sometimes* on /etc/.pwd.lock and sometimes on
/etc/passwd itself. The former is called file locking, the later is called
a kernel lock, both have problems.

	2) Stale locks have always been a problem in Unix and many people
who write applications tend to ignore locks after some specified period of
time because they believe the locks are stale (that is, the process that
locked the file is no longer around). IMHO, /etc/.pwd.lock should *NEVER*
be ignored, stale or not, as a clean /etc/passwd is very important --
instead gripes to syslog (LOG_CRIT) should be generated and the program
exit.


If you are working from a clean install of, say, RedHat, all of the
applications *should* be using the same method of locking (and I would
hope that none ignore a lock of /etc/passwd) but if you have started to
mix and match passwd programs (including chfn, chsh, adduser and/or
anything you might have created locally) you enter into muddy waters. It
is vital that ALL of the different programs agree on which method to use
(or that they use both file locking and lockf/fcntl/flock) AND that in the
case of /etc/passwd locks, none feel it is right to ignore the lock
(feeling it is stale).

Without knowing much more about your system it is difficult to know where
things are going wrong for you but it sounds like your /usr/bin/passwd
program is not doing things in the same way that /usr/sbin/adduser is (at
a minimum).

I hope this helps to explain what the problems are with file locking, I
have seen it done wrong more often than it is done right (hence this
lengthy diatribe). What you need to do is either to get a complete package
(one that does adduser, passwd, chfn, chsh and anything else you want),
which one would expect to use the same locking technique throughout, or
examine the source to all of those programs you are using to ensure that
they all agree and are doing the right thing.

Finally, though I have not used it, the latest Linux kernels have support
for mandatory file locking (presumedly via flock), it might be worth
looking at using this (anyone with experience with using mandatory locking
on this list? does it work as advertised?).

cheers, kinch




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []