[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#25342: GNU coreutils: race condition in "ln -f source dest"

From: Mirsad Goran Todorovac
Subject: bug#25342: GNU coreutils: race condition in "ln -f source dest"
Date: Thu, 5 Jan 2017 09:30:42 +0000 (UTC)

Obvious advantage is that unlink ("dest") is not required if it exists, thus we 
offer a workaround for race condition.In first example:
# ln -f /etc/resolv.conf.new /etc/resolv.conf
there was a time period between
unlink ("/etc/resolv.conf"); andlinkat (AT_CDWFD, "/etc/resolv.conf.new", 
AT_CWDFD, "/etc/resolv.conf", logical ? AT_SYMLINK_FOLLOW : 0);

between these two syscalls process or thread may be preempted and other process 
(like browser) could fail in gethostbyname().This is just one example.
I will torment you no longer. Thank you for your patience Sir if you've read 
thus far. God bless!

little brother Mirsad 

    On Thursday, January 5, 2017 10:24 AM, Mirsad Goran Todorovac 
<address@hidden> wrote:

 The trace above should do a ln -b -f src dest, linking (hard linking to 
existing file providing a backup in "dest~", without at suffix and stuff, which 
is not important for the story):

EXAMPLE WITH BACKUP: ln -b -f src dest
                                                  initially we have:            
                                      "src" -> inode1                           
                       "dest" -> inode2
link ("dest", "dest~");
                        "src" -> inode1
                                                  "dest" -> inode2              
                                    "dest~" -> inode2
link ("src", "src.######.bak");                                                 
 now:                                                  "src" -> inode1          
                                        "src.######.bak" -> inode1              
                                    "dest" -> inode2                            
                      "dest~" -> inode2
rename ("src.######.bak", "dest");                                              
    finally:                                                  "src" -> inode1   
                                               "dest" -> inode1                 
                                 "dest~" -> inode2
Result is that "new" is backed up in "new~" "simulaneously", that is in single 
command while hard link "old" overwrites hard link "new".

The -b (backup) is optional, in which case we have only black parts, as follows:

WITHOUT BACKUP: ln -f src dest

                                                   initially we have:           
                                        "src" -> inode1                         
                          "dest" -> inode2
link ("src", "src.######.bak");                                                 
  now:                                                   "src" -> inode1        
                                           "src.######.bak" -> inode1           
                                        "src" -> inode2rename 
("src.######.bak", "dest");                                                   
finally:                                                   "src" -> inode1      
                                             "dest" -> inode1 
Where initial content of file "dest" was lost.Of course, it would be much 
better if linkat() had additional flag:
int linkat (AT_CWDFD, "source", AT_CWDFD, "dest", AT_SYMLINK_FOLLOW | 
but as you have correctly said, we cannot influence POSIX and Linux kernel 
Sorry if I took too much of your time. Thank Heavens for such good and logical 
design of UN*X filesystems.

Regards and All the best,M.T.

    On Thursday, January 5, 2017 9:50 AM, Mirsad Goran Todorovac 
<address@hidden> wrote:

 Pity, 'cause it works for me with a small workaround:link("copy2", "copy2~")   
              = 0
getpid()                                = 3085
linkat(AT_FDCWD, "copy", AT_FDCWD, "copy.003085.bak", 0) = 0
renameat(AT_FDCWD, "copy.003085.bak", AT_FDCWD, "copy2") = 0
I did not exactly understand? What else can be moved, if not two hard 
links?Directory entry can be one of pointer to inode (file, directory or less 
likely something else), or pointer to another directory entry (symbolic link), 
ain't that right?
Can you please provide me with a reference of such behavior of renameat()? I 
realized just now that you want to make your code universal and protable.On 
Ubuntu Linux it works for me.
address@hidden:~$ uname -a
Linux marvin-desktop 3.5.0-34-generic #55-Ubuntu SMP Thu Jun 6 20:20:19 UTC 
2013 i686 athlon i686 GNU/Linux
address@hidden:~$ dpkg -l | egrep 'libc6'
ii  libc6:i386                                 2.23-0ubuntu5                    
             i386         GNU C 

If you can provide me with a reference, I'll try to understand renameat() 
Best of luck in New Year,M.T.


    On Thursday, January 5, 2017 8:57 AM, Paul Eggert <address@hidden> wrote:

 Mirsad Goran Todorovac wrote:
> Please consider the trace below.

As I don't know what you're tracing, I don't know what to consider.

But really, the basic idea is simple: renameat mishandles the case where old 
new names are already hard links, and any code based on renameat needs to work 
around this problem. (We can't easily change renameat's behavior, as the 
behavior is required by POSIX.)




reply via email to

[Prev in Thread] Current Thread [Next in Thread]