From 875ba4d786267b4301595327bec8e1d07b039dde Mon Sep 17 00:00:00 2001 From: Timo Pollmeier Date: Wed, 29 Jul 2020 15:19:01 +0200 Subject: [PATCH 1/6] Add 0660 file permissions in greenbone-feed-sync This allows the lockfile to be shared with users in the same group. --- tools/greenbone-feed-sync.in | 1 + 1 file changed, 1 insertion(+) diff --git a/tools/greenbone-feed-sync.in b/tools/greenbone-feed-sync.in index 5fbed6560..40a398d48 100644 --- a/tools/greenbone-feed-sync.in +++ b/tools/greenbone-feed-sync.in @@ -596,6 +596,7 @@ then exit 0 fi ( + chmod +660 $LOCK_FILE flock -n 9 if [ $? -eq 1 ] ; then log_notice "Sync in progress, exiting." From 1421a5e72fac589f6b5a085b7510302ab7e97880 Mon Sep 17 00:00:00 2001 From: Timo Pollmeier Date: Wed, 29 Jul 2020 15:42:21 +0200 Subject: [PATCH 2/6] Add group write, remove append for lock functions The group write flag allows sharing the lock with other users while removing the append flag prevents the lockfile growing if it is checked repeatedly over time. --- src/gmp.c | 6 +++--- src/utils.c | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/src/gmp.c b/src/gmp.c index d4007a0c6..bfbc544ea 100644 --- a/src/gmp.c +++ b/src/gmp.c @@ -12368,9 +12368,9 @@ get_feed_lock_status (const char *lockfile_name, gchar **timestamp) ret = 0; lockfile = open (lockfile_name, - O_RDWR | O_CREAT | O_APPEND, - /* "-rw-r--r--" */ - S_IWUSR | S_IRUSR | S_IROTH | S_IRGRP); + O_RDWR | O_CREAT, + /* "-rw-rw-r--" */ + S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH); if (lockfile == -1) g_warning ("%s: failed to open lock file '%s': %s", __func__, lockfile_name, strerror (errno)); diff --git a/src/utils.c b/src/utils.c index dec5cbd78..2a785b595 100644 --- a/src/utils.c +++ b/src/utils.c @@ -551,9 +551,9 @@ lock_internal (lockfile_t *lockfile, const gchar *lockfile_name, else full_name = g_build_filename (GVM_RUN_DIR, lockfile_name, NULL); - fd = open (full_name, O_RDWR | O_CREAT | O_APPEND, - /* "-rw-r--r--" */ - S_IWUSR | S_IRUSR | S_IROTH | S_IRGRP); + fd = open (full_name, O_RDWR | O_CREAT, + /* "-rw-rw-r--" */ + S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH); if (fd == -1) { g_warning ("Failed to open lock file '%s': %s", full_name, From 837b64ca041d10c81b9ccb5d200cb4535a9be27d Mon Sep 17 00:00:00 2001 From: Timo Pollmeier Date: Thu, 30 Jul 2020 09:52:12 +0200 Subject: [PATCH 3/6] Add lockfile changes to CHANGELOG --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index a17737b28..8f7dd8d87 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -138,6 +138,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - Outdated references to "openvassd" have been updated to "openvas" [#1189](https://github.com/greenbone/gvmd/pull/1189) - Quote identifiers in SQL functions using EXECUTE [#1192](https://github.com/greenbone/gvmd/pull/1192) - Fix handling of interrupted tasks [#1207](https://github.com/greenbone/gvmd/pull/1207) +- Allow group access to lockfile and do not append to timestamp file [#1213](https://github.com/greenbone/gvmd/pull/1213) ### Removed - Remove support for "All SecInfo": removal of "allinfo" for type in get_info [#790](https://github.com/greenbone/gvmd/pull/790) From 719448162deaacec456aea123fa771ca93d9961e Mon Sep 17 00:00:00 2001 From: Timo Pollmeier Date: Thu, 30 Jul 2020 11:37:02 +0200 Subject: [PATCH 4/6] Open lockfile for input in greenbone-feed-sync This prevents the content being overwritten if the file is locked. --- tools/greenbone-feed-sync.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/greenbone-feed-sync.in b/tools/greenbone-feed-sync.in index 40a398d48..27325a5a9 100644 --- a/tools/greenbone-feed-sync.in +++ b/tools/greenbone-feed-sync.in @@ -605,6 +605,6 @@ fi date > $LOCK_FILE sync_feed_data echo -n > $LOCK_FILE -) 9>$LOCK_FILE +) 9<$LOCK_FILE exit 0 From b7447304044586feb96afe4a15ef131741014e20 Mon Sep 17 00:00:00 2001 From: Timo Pollmeier Date: Thu, 30 Jul 2020 11:44:53 +0200 Subject: [PATCH 5/6] Update CHANGELOG entry for lockfile fix --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 8f7dd8d87..71091390e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -138,7 +138,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - Outdated references to "openvassd" have been updated to "openvas" [#1189](https://github.com/greenbone/gvmd/pull/1189) - Quote identifiers in SQL functions using EXECUTE [#1192](https://github.com/greenbone/gvmd/pull/1192) - Fix handling of interrupted tasks [#1207](https://github.com/greenbone/gvmd/pull/1207) -- Allow group access to lockfile and do not append to timestamp file [#1213](https://github.com/greenbone/gvmd/pull/1213) +- Allow group access to lockfile and fix growing or empty timestamp [#1213](https://github.com/greenbone/gvmd/pull/1213) ### Removed - Remove support for "All SecInfo": removal of "allinfo" for type in get_info [#790](https://github.com/greenbone/gvmd/pull/790) From 7b5c8cc30063c5e3d1d4fa2825ef698655505783 Mon Sep 17 00:00:00 2001 From: Timo Pollmeier Date: Thu, 30 Jul 2020 15:27:34 +0200 Subject: [PATCH 6/6] Use append mode for greenbone-feed-sync lockfile Using read mode does not work if the file does not exist. --- tools/greenbone-feed-sync.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/greenbone-feed-sync.in b/tools/greenbone-feed-sync.in index 27325a5a9..f86c0cf58 100644 --- a/tools/greenbone-feed-sync.in +++ b/tools/greenbone-feed-sync.in @@ -605,6 +605,6 @@ fi date > $LOCK_FILE sync_feed_data echo -n > $LOCK_FILE -) 9<$LOCK_FILE +) 9>>$LOCK_FILE exit 0