1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
|
/*
* This is a hack, but until libc and glibc both include this function
* by default (libc only includes it if nys is not being used, at the
* moment, and glibc doesn't appear to have it at all) we need to have
* it here, too. :-(
*
* This should not become an official part of PAM.
*
* BEGIN_HACK
*/
/*
* lckpwdf.c -- prevent simultaneous updates of password files
*
* Before modifying any of the password files, call lckpwdf(). It may block
* for up to 15 seconds trying to get the lock. Return value is 0 on success
* or -1 on failure. When you are done, call ulckpwdf() to release the lock.
* The lock is also released automatically when the process exits. Only one
* process at a time may hold the lock.
*
* These functions are supposed to be conformant with AT&T SVID Issue 3.
*
* Written by Marek Michalkiewicz <marekm@i17linuxb.ists.pwr.wroc.pl>,
* public domain.
*/
#include <fcntl.h>
#include <signal.h>
#define LOCKFILE "/etc/.pwd.lock"
#define TIMEOUT 15
static int lockfd = -1;
static int set_close_on_exec(int fd)
{
int flags = fcntl(fd, F_GETFD, 0);
if (flags == -1)
return -1;
flags |= FD_CLOEXEC;
return fcntl(fd, F_SETFD, flags);
}
static int do_lock(int fd)
{
struct flock fl;
memset(&fl, 0, sizeof fl);
fl.l_type = F_WRLCK;
fl.l_whence = SEEK_SET;
return fcntl(fd, F_SETLKW, &fl);
}
static void alarm_catch(int sig)
{
/* does nothing, but fcntl F_SETLKW will fail with EINTR */
}
static int lckpwdf(void)
{
struct sigaction act, oldact;
sigset_t set, oldset;
if (lockfd != -1)
return -1;
lockfd = open(LOCKFILE, O_CREAT | O_WRONLY, 0600);
if (lockfd == -1)
return -1;
if (set_close_on_exec(lockfd) == -1)
goto cleanup_fd;
memset(&act, 0, sizeof act);
act.sa_handler = alarm_catch;
act.sa_flags = 0;
sigfillset(&act.sa_mask);
if (sigaction(SIGALRM, &act, &oldact) == -1)
goto cleanup_fd;
sigemptyset(&set);
sigaddset(&set, SIGALRM);
if (sigprocmask(SIG_UNBLOCK, &set, &oldset) == -1)
goto cleanup_sig;
alarm(TIMEOUT);
if (do_lock(lockfd) == -1)
goto cleanup_alarm;
alarm(0);
sigprocmask(SIG_SETMASK, &oldset, NULL);
sigaction(SIGALRM, &oldact, NULL);
return 0;
cleanup_alarm:
alarm(0);
sigprocmask(SIG_SETMASK, &oldset, NULL);
cleanup_sig:
sigaction(SIGALRM, &oldact, NULL);
cleanup_fd:
close(lockfd);
lockfd = -1;
return -1;
}
static int ulckpwdf(void)
{
unlink(LOCKFILE);
if (lockfd == -1)
return -1;
if (close(lockfd) == -1) {
lockfd = -1;
return -1;
}
lockfd = -1;
return 0;
}
/* END_HACK */
|