[Pki-devel] [PATCH] 46 Prevent concurrent execution of pkispawn and pkidestroy

[Endi Sukma Dewata]

On 4/3/2013 9:52 AM, Ade Lee wrote:
> On Wed, 2013-04-03 at 10:36 -0400, Abhishek Koneru wrote:
>> 1. This mechanism locks the entire system, so only one
>> pkispawn/pkidestroy can run at any time. Is this the intended behavior?
>> Or should we lock a particular instance only?
>>
>> I think it was decided to allow only one pkispawn/pkidestroy for an
>> entire system.
>
> pkispawn and pkidestroy do selinux operations.  Only one set of selinux
> operations should be done at a time.  Not doing this could cause an
> operation to fail or worse.  If you like, you could try to lock this
> section only, but then you still need to ensure that concurrent
> oerations do not affect the same data -- for instance, are they touching
> the same ports?
>
> The simplest and easiest solution will be to lock to having one
> operation per system at a time.

Is it because the selinux operations in general are not safe to run 
concurrently? If that's the case what about selinux operations executed 
by other applications, do we need to be concerned about that?

Or is this only a concern when the operations affect the same data (e.g. 
same instance/ports)? This means running concurrent pkispawn to create 
two unrelated instances with completely different settings should not be 
blocked at all.

If that's the case, there are two things that can be done:
1. Lock the instance to make sure it's not modified at the same time.
2. Check to make sure different instances don't use conflicting settings 
(e.g. ports).

In general we should be able to assume that people won't use conflicting 
settings in different instances. But if that happens the above steps 
should catch that. Does setup-ds.pl lock the entire system?

Locking pkispawn/pkidestroy to prevent concurrent execution doesn't 
really prevent someone from using conflicting settings in a later execution.

-- 
Endi S. Dewata