[pve-devel] [PATCH pve-client 1/2] Lock the config file in /var/lock

Stoiko Ivanov s.ivanov at proxmox.com
Tue Jun 19 16:31:29 CEST 2018


On Tue, 19 Jun 2018 16:03:58 +0200
René Jochum <r.jochum at proxmox.com> wrote:

> this prevents it from beeing created by the "lock_file" function.
> It would get 0644 permissions when the file is created by "lock_file".
> ---
>  PVE/APIClient/Config.pm | 10 +++++++++-
>  1 file changed, 9 insertions(+), 1 deletion(-)
> 
> diff --git a/PVE/APIClient/Config.pm b/PVE/APIClient/Config.pm
> index a4aa4c6..6f9f332 100644
> --- a/PVE/APIClient/Config.pm
> +++ b/PVE/APIClient/Config.pm
> @@ -64,10 +64,18 @@ sub config_filename {
>      return "$dir/config";
>  }
>  
> +sub config_lock_filename {
> +    my ($class) = @_;
> +
> +    return "/var/lock/pveclient/config.lck";
After a short offlist-talk I checked various OS installs for their take
at /var/lock - and in most (Arch, Alpine(container from pveam),
Free/OpenBSD) the directory is only writable by root (and by group
uucp on alpine...), if it exists at all (does not on BSD).
IMHO it may be more portable to create the lockfile next to the actual
configfile.


> +}
> +
>  sub lock_config {
>      my ($class, $timeout, $code, @param) = @_;
>  
> -    my $filename = $class->config_filename();
> +    my $filename = $class->config_lock_filename();
> +
> +    make_path(dirname($filename));
>  
>      my $res = PVE::APIClient::Tools::lock_file($filename, $timeout,
> $code, @param); 





More information about the pve-devel mailing list