Ticket #120 (closed defect: fixed)

Opened 2 years ago

Last modified 7 weeks ago

Race condition when later modules override files from earlier modules

Reported by: blee
Owned by: blee
Priority: critical
Milestone: confman-1.9.4
Component: confman
Version: 1.9.3b
Keywords:
Cc:

Description

Files that get overridden by later modules in a recipe should never get installed to the filesystem.

For example, consider the sudoers file.

Recipe "base" does not allow the use of sudo:

base/usr/local/etc/sudoers

But recipe "sudo-wheel" allows members of group wheel to run sudo:

sudo-wheel/usr/local/etc/sudoers

And a sample recipe r:

base
sudo-wheel

Running 'confman commit' on a machine using recipe r will leave the machine in a broken state, since the base sudoers file will prevent confman commit from proceeding.

This may have rather unexpected effects for files other than sudoers as well (e.g. nsswitch.conf).

Change History

comment:1 Changed 7 weeks ago by ccowart

(In [543]) WIP: Fixing race condition.

Overall design change:

  • Commit modules in _reverse_ order
  • Keep a list of "committed" files and don't re-commit if we encounter the same filesystem path in a later module

I need some help reviewing this change, especially as it relates to the
install operation; I'm not convinced the implementation is complete yet.

See #120.

comment:2 Changed 7 weeks ago by ccowart

(In [544]) Reverting change; accidentally went into the 1.9 branch instead of trunk.

See #120.

comment:3 Changed 7 weeks ago by ccowart

(In [545]) WIP: Fixing race condition. And committing to the right place (trunk).

Overall design change:

  • Commit modules in _reverse_ order
  • Keep a list of "committed" files and don't re-commit if we encounter the same filesystem path in a later module

I need some help reviewing this change, especially as it relates to the
install operation; I'm not convinced the implementation is complete yet.

See #120.

comment:4 Changed 7 weeks ago by ccowart

(In [546]) Have to use whole-line matching to prevent substring matches.

See #120.
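
The design from comments 1 and 3 (reverse-order commit plus a list of committed paths) and the whole-line matching from comment 4, shown as an added shell example that is not confman's code and not part of the ticket. The function names, the one-path-per-line statefile format and the extra base /etc/sudoers file are assumptions made for illustration.

```sh
#!/bin/sh
# Added illustration, not confman source. Function names and the statefile
# format (one installed path per line) are assumptions.

# Succeeds only if PATH ($2) is recorded in STATEFILE ($1) as an entire line.
# -F: literal string, -x: whole line, -q: no output.
already_committed() { grep -Fxq -- "$2" "$1"; }

# Substring check, kept only to show the failure mode: "/local/etc/sudoers"
# would match a recorded "/usr/local/etc/sudoers".
naive_committed() { grep -Fq -- "$2" "$1"; }

# rollout MODROOT DESTROOT STATEFILE MODULE...
# Modules are listed in recipe order (later overrides earlier) and processed
# in reverse, so each path is written once, from the highest-priority module.
# Assumes module names contain no whitespace.
rollout() {
    modroot=$1 dest=$2 state=$3
    shift 3
    : > "$state"
    rev=
    for m in "$@"; do rev="$m $rev"; done
    for m in $rev; do
        (cd "$modroot/$m" && find . -type f | sed 's|^\.||' | sort) |
        while IFS= read -r path; do
            if already_committed "$state" "$path"; then
                echo "ignoring $m$path: already installed" >&2
                continue
            fi
            mkdir -p "$dest$(dirname "$path")"
            cp "$modroot/$m$path" "$dest$path"
            printf '%s\n' "$path" >> "$state"
        done
    done
}

# Constructed sample tree: the ticket's two modules, plus a base /etc/sudoers
# (constructed) whose path is a substring of the overridden one.
demo=$(mktemp -d)
mkdir -p "$demo/mod/base/usr/local/etc" "$demo/mod/base/etc" \
         "$demo/mod/sudo-wheel/usr/local/etc" "$demo/root"
echo "no sudo"  > "$demo/mod/base/usr/local/etc/sudoers"
echo "base etc" > "$demo/mod/base/etc/sudoers"
echo "wheel"    > "$demo/mod/sudo-wheel/usr/local/etc/sudoers"
rollout "$demo/mod" "$demo/root" "$demo/state" base sudo-wheel
```

With a substring match, the base module's /etc/sudoers would be treated as already installed once /usr/local/etc/sudoers is in the statefile; the whole-line match installs it while the overridden base copy of /usr/local/etc/sudoers never reaches the filesystem.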

comment:5 Changed 7 weeks ago by blee

(In [547]) Set statefile in confman inst and shift the right number of variables
in conf_install for function signature change.

See #120

comment:6 Changed 7 weeks ago by blee

(In [548]) Also reverse the recipe in confaudit for consistency.

See #120

comment:7 Changed 7 weeks ago by blee

(In [549]) Move the file conf_get_prop calls in conf_rollout into the conditional
to be consistent with the directory calls. This is also a minor
performance optimization when a file is duplicated in a large number
of modules.

See #120

comment:8 Changed 7 weeks ago by blee

(In [550]) Also reverse the recipe in confsync.

See #120

comment:9 Changed 7 weeks ago by blee

(In [551]) Also add statefile creation to confman audit.

See #120

comment:10 Changed 7 weeks ago by blee

(In [552]) Add debug messages to indicate when files and directories are being
ignored because a higher-priority module already installed them.

See #120

comment:11 Changed 7 weeks ago by blee

(In [553]) Correct typo in variable name.

See #120

comment:12 Changed 7 weeks ago by blee

  • Owner changed from confman-developers@… to blee
  • Status changed from new to needsmerge

comment:13 Changed 7 weeks ago by blee

  • Status changed from needsmerge to closed
  • Resolution set to fixed

(In [568]) Merge fix for #120 into confman-1.9.

Closes #120
