summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJulian Andres Klode <jak@debian.org>2017-01-29 13:05:18 +0100
committerJulian Andres Klode <julian.klode@canonical.com>2018-09-28 13:25:32 +0200
commit8a9a2147bc4346c7e3da8a08719b8f2686d65887 (patch)
treef886d60b1e6e1c171d0274d9f9e333e20c53d3ec
parent8e28398f3bc9cc9e8c5a038ef26823fc41dc5910 (diff)
Add support for dpkg frontend lock
The dpkg frontend lock is a lock dpkg tries to acquire except if the frontend already acquires it. This fixes a race condition in the install command where the dpkg lock is not held for a short period of time between different dpkg invocations. For this reason we also define an environment variable DPKG_FRONTEND_LOCKED for dpkg invocations so dpkg knows not to try to acquire the frontend lock because it's held by a parent process. We can set DPKG_FRONTEND_LOCKED only if the frontend lock really is held; that is, if our lock count is greater than 0 - otherwise an apt client not using the LockInner family of functions would run dpkg without the frontend lock set, but with DPKG_FRONTEND_LOCKED set. Such a process has a weaker guarantee: Because dpkg would not lock the frontend lock either, the process is prone to the existing races, and, more importantly, so is a new style process. Closes: #869546 [fixups: fix error messages, add public IsLocked() method, and make {Un,}LockInner return an error on !debSystem] (cherry picked from commit c2c8b4787b0882234ba2772ec7513afbf97b563a) LP: #1781169 (cherry picked from commit 6c0c94ed32b8e679b14b0f89b51c1c336dc0ab9c)
-rw-r--r--apt-pkg/deb/debsystem.cc55
-rw-r--r--apt-pkg/deb/debsystem.h4
-rw-r--r--apt-pkg/deb/dpkgpm.cc5
-rw-r--r--apt-pkg/pkgsystem.cc25
-rw-r--r--apt-pkg/pkgsystem.h12
-rw-r--r--apt-private/private-install.cc6
6 files changed, 97 insertions, 10 deletions
diff --git a/apt-pkg/deb/debsystem.cc b/apt-pkg/deb/debsystem.cc
index 7118b534b..c087d6914 100644
--- a/apt-pkg/deb/debsystem.cc
+++ b/apt-pkg/deb/debsystem.cc
@@ -46,10 +46,11 @@ debSystem debSys;
class APT_HIDDEN debSystemPrivate {
public:
- debSystemPrivate() : LockFD(-1), LockCount(0), StatusFile(0)
+ debSystemPrivate() : FrontendLockFD(-1), LockFD(-1), LockCount(0), StatusFile(0)
{
}
// For locking support
+ int FrontendLockFD;
int LockFD;
unsigned LockCount;
@@ -86,22 +87,30 @@ bool debSystem::Lock()
}
// Create the lockfile
- string AdminDir = flNotFile(_config->Find("Dir::State::status"));
- d->LockFD = GetLock(AdminDir + "lock");
- if (d->LockFD == -1)
+ string AdminDir = flNotFile(_config->FindFile("Dir::State::status"));
+ string FrontendLockFile = AdminDir + "lock-frontend";
+ d->FrontendLockFD = GetLock(FrontendLockFile);
+ if (d->FrontendLockFD == -1)
{
if (errno == EACCES || errno == EAGAIN)
- return _error->Error(_("Unable to lock the administration directory (%s), "
- "is another process using it?"),AdminDir.c_str());
+ return _error->Error(_("Unable to acquire the dpkg frontend lock (%s), "
+ "is another process using it?"),FrontendLockFile.c_str());
else
- return _error->Error(_("Unable to lock the administration directory (%s), "
- "are you root?"),AdminDir.c_str());
+ return _error->Error(_("Unable to acquire the dpkg frontend lock (%s), "
+ "are you root?"),FrontendLockFile.c_str());
+ }
+ if (LockInner() == false)
+ {
+ close(d->FrontendLockFD);
+ return false;
}
// See if we need to abort with a dirty journal
if (CheckUpdates() == true)
{
close(d->LockFD);
+ close(d->FrontendLockFD);
+ d->FrontendLockFD = -1;
d->LockFD = -1;
const char *cmd;
if (getenv("SUDO_USER") != NULL)
@@ -118,6 +127,21 @@ bool debSystem::Lock()
return true;
}
+
+bool debSystem::LockInner() {
+ string AdminDir = flNotFile(_config->FindFile("Dir::State::status"));
+ d->LockFD = GetLock(AdminDir + "lock");
+ if (d->LockFD == -1)
+ {
+ if (errno == EACCES || errno == EAGAIN)
+ return _error->Error(_("Unable to lock the administration directory (%s), "
+ "is another process using it?"),AdminDir.c_str());
+ else
+ return _error->Error(_("Unable to lock the administration directory (%s), "
+ "are you root?"),AdminDir.c_str());
+ }
+ return true;
+}
/*}}}*/
// System::UnLock - Drop a lock /*{{{*/
// ---------------------------------------------------------------------
@@ -131,12 +155,27 @@ bool debSystem::UnLock(bool NoErrors)
return _error->Error(_("Not locked"));
if (--d->LockCount == 0)
{
+ close(d->FrontendLockFD);
close(d->LockFD);
d->LockCount = 0;
}
return true;
}
+bool debSystem::UnLockInner(bool NoErrors) {
+ (void) NoErrors;
+ close(d->LockFD);
+ return true;
+}
+ /*}}}*/
+// System::IsLocked - Check if system is locked /*{{{*/
+// ---------------------------------------------------------------------
+/* This checks if the frontend lock is hold. The inner lock might be
+ * released. */
+bool debSystem::IsLocked()
+{
+ return d->LockCount > 0;
+}
/*}}}*/
// System::CheckUpdates - Check if the updates dir is dirty /*{{{*/
// ---------------------------------------------------------------------
diff --git a/apt-pkg/deb/debsystem.h b/apt-pkg/deb/debsystem.h
index 5185c92d8..2eb22a40f 100644
--- a/apt-pkg/deb/debsystem.h
+++ b/apt-pkg/deb/debsystem.h
@@ -52,6 +52,10 @@ class debSystem : public pkgSystem
APT_HIDDEN static pid_t ExecDpkg(std::vector<std::string> const &sArgs, int * const inputFd, int * const outputFd, bool const DiscardOutput);
APT_HIDDEN static bool SupportsMultiArch();
APT_HIDDEN static std::vector<std::string> SupportedArchitectures();
+
+ APT_HIDDEN bool LockInner();
+ APT_HIDDEN bool UnLockInner(bool NoErrors=false);
+ APT_HIDDEN bool IsLocked();
};
extern debSystem debSys;
diff --git a/apt-pkg/deb/dpkgpm.cc b/apt-pkg/deb/dpkgpm.cc
index 533d9b367..37452f3d3 100644
--- a/apt-pkg/deb/dpkgpm.cc
+++ b/apt-pkg/deb/dpkgpm.cc
@@ -1521,6 +1521,11 @@ bool pkgDPkgPM::Go(APT::Progress::PackageManager *progress)
_exit(100);
}
+ if (dynamic_cast<debSystem*>(_system) != nullptr
+ && dynamic_cast<debSystem*>(_system)->IsLocked() == true) {
+ setenv("DPKG_FRONTEND_LOCKED", "true", 1);
+ }
+
execvp(Args[0], (char**) &Args[0]);
cerr << "Could not exec dpkg!" << endl;
_exit(100);
diff --git a/apt-pkg/pkgsystem.cc b/apt-pkg/pkgsystem.cc
index 530150221..99d104310 100644
--- a/apt-pkg/pkgsystem.cc
+++ b/apt-pkg/pkgsystem.cc
@@ -13,6 +13,7 @@
#include<config.h>
#include <apt-pkg/debsystem.h>
+#include <apt-pkg/error.h>
#include <apt-pkg/pkgsystem.h>
#include <apt-pkg/macros.h>
@@ -64,4 +65,28 @@ std::vector<std::string> pkgSystem::ArchitecturesSupported() const /*{{{*/
}
/*}}}*/
+bool pkgSystem::LockInner() /*{{{*/
+{
+ debSystem * const deb = dynamic_cast<debSystem *>(this);
+ if (deb != NULL)
+ return deb->LockInner();
+ return _error->Error("LockInner is not implemented");
+}
+ /*}}}*/
+bool pkgSystem::UnLockInner(bool NoErrors) /*{{{*/
+{
+ debSystem * const deb = dynamic_cast<debSystem *>(this);
+ if (deb != NULL)
+ return deb->UnLockInner(NoErrors);
+ return _error->Error("UnLockInner is not implemented");
+}
+ /*}}}*/
+bool pkgSystem::IsLocked() /*{{{*/
+{
+ debSystem * const deb = dynamic_cast<debSystem *>(this);
+ if (deb != NULL)
+ return deb->IsLocked();
+ return true;
+}
+ /*}}}*/
pkgSystem::~pkgSystem() {}
diff --git a/apt-pkg/pkgsystem.h b/apt-pkg/pkgsystem.h
index 55bdeec70..8c7c300fb 100644
--- a/apt-pkg/pkgsystem.h
+++ b/apt-pkg/pkgsystem.h
@@ -116,6 +116,18 @@ class pkgSystem
pkgSystem(char const * const Label, pkgVersioningSystem * const VS);
virtual ~pkgSystem();
+
+
+ /* companions to Lock()/UnLock
+ *
+ * These functions can be called prior to calling dpkg to release an inner
+ * lock without releasing the overall outer lock, so that dpkg can run
+ * correctly but no other APT instance can acquire the system lock.
+ */
+ bool LockInner();
+ bool UnLockInner(bool NoErrors = false);
+ /// checks if the system is currently locked
+ bool IsLocked();
private:
void * const d;
};
diff --git a/apt-private/private-install.cc b/apt-private/private-install.cc
index 0377955ae..356d1cd36 100644
--- a/apt-private/private-install.cc
+++ b/apt-private/private-install.cc
@@ -346,7 +346,7 @@ bool InstallPackages(CacheFile &Cache,bool ShwKept,bool Ask, bool Safety)
return _error->Error(_("Aborting install."));
}
- _system->UnLock();
+ _system->UnLockInner();
APT::Progress::PackageManager *progress = APT::Progress::PackageManagerProgressFactory();
pkgPackageManager::OrderResult Res = PM->DoInstall(progress);
@@ -356,7 +356,9 @@ bool InstallPackages(CacheFile &Cache,bool ShwKept,bool Ask, bool Safety)
return false;
if (Res == pkgPackageManager::Completed)
break;
-
+
+ _system->LockInner();
+
// Reload the fetcher object and loop again for media swapping
Fetcher.Shutdown();
if (PM->GetArchives(&Fetcher,List,&Recs) == false)