[ale] flock

cfowler cfowler at outpostsentinel.com
Mon Mar 26 09:33:18 EDT 2007


On Mon, 2007-03-26 at 09:25 -0400, James P. Kinney III wrote:
> Hmm. I am specifically pulling password data out of /etc/shadow to
> synchronize multiple machines to a master repository. I _really_ don't
> want the shadow file changing on any of the machines during the
> process.

Are all these shadow files on ext2 FS?  The only change would be due to
a password or user addition?  

How long will this process take?

1.  Mark the file as RO in the ext2/3 FS.  Use chattr
2.  Copy contents
3.  Mark file as RW.

If anyone tries to change their password they will get an error message
that the file can not be written to.  Even root will not be able to
write to that file with the RO attribute configured in the file system. 

Note, this is not a mode attribute.  This is specific to ext2.


> 
> I've been trying to avoid the ldap or NIS process but it looks like that
> is the only well supported route to go on from here. 
> 
> On Mon, 2007-03-26 at 08:45 -0400, cfowler wrote:
> > On Mon, 2007-03-26 at 08:35 -0400, cfowler wrote:
> > > Isn't flock advisory locking?  Maybe vipw uses it?  In order for it to
> > > work both programs must use flock.
> > 
> > vipw does not use flock
> > 
> > open("/etc/ptmptmp", O_WRONLY|O_CREAT|O_LARGEFILE, 0600) = 3
> > link("/etc/ptmptmp", "/etc/ptmp")       = 0
> > unlink("/etc/ptmptmp")                  = 0
> > open("/etc/passwd", O_RDONLY|O_LARGEFILE) = 4
> > read(4, "root:x:0:0:root:/root:/bin/bash\n"..., 8192) = 1414
> > write(3, "root:x:0:0:root:/root:/bin/bash\n"..., 1414) = 1414
> > read(4, "", 8192)                       = 0
> > close(4)                                = 0
> > close(3)                                = 0
> > stat64("/etc/ptmp", {st_mode=S_IFREG|0600, st_size=1414, ...}) = 0
> > clone(child_stack=0, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|
> > SIGCHLD, child_tidptr=0xf70f5b08) = 4651
> > 
> > Instead it creates a temp file and if it exists that is the "lock".
> > 
> > 
> > 
> > _______________________________________________
> > Ale mailing list
> > Ale at ale.org
> > http://www.ale.org/mailman/listinfo/ale




More information about the Ale mailing list