diff options
author | Julian Andres Klode <jak@debian.org> | 2017-01-29 13:05:18 +0100 |
---|---|---|
committer | Julian Andres Klode <julian.klode@canonical.com> | 2018-09-28 13:25:32 +0200 |
commit | 8a9a2147bc4346c7e3da8a08719b8f2686d65887 (patch) | |
tree | f886d60b1e6e1c171d0274d9f9e333e20c53d3ec /apt-pkg/deb | |
parent | 8e28398f3bc9cc9e8c5a038ef26823fc41dc5910 (diff) |
Add support for dpkg frontend lock
The dpkg frontend lock is a lock dpkg tries to acquire
except if the frontend already acquires it.
This fixes a race condition in the install command where the
dpkg lock is not held for a short period of time between
different dpkg invocations.
For this reason we also define an environment variable
DPKG_FRONTEND_LOCKED for dpkg invocations so dpkg knows
not to try to acquire the frontend lock because it's held
by a parent process.
We can set DPKG_FRONTEND_LOCKED only if the frontend lock
really is held; that is, if our lock count is greater than 0
- otherwise an apt client not using the LockInner family of
functions would run dpkg without the frontend lock set, but
with DPKG_FRONTEND_LOCKED set. Such a process has a weaker
guarantee: Because dpkg would not lock the frontend lock
either, the process is prone to the existing races, and,
more importantly, so is a new style process.
Closes: #869546
[fixups: fix error messages, add public IsLocked() method, and
make {Un,}LockInner return an error on !debSystem]
(cherry picked from commit c2c8b4787b0882234ba2772ec7513afbf97b563a)
LP: #1781169
(cherry picked from commit 6c0c94ed32b8e679b14b0f89b51c1c336dc0ab9c)
Diffstat (limited to 'apt-pkg/deb')
-rw-r--r-- | apt-pkg/deb/debsystem.cc | 55 | ||||
-rw-r--r-- | apt-pkg/deb/debsystem.h | 4 | ||||
-rw-r--r-- | apt-pkg/deb/dpkgpm.cc | 5 |
3 files changed, 56 insertions, 8 deletions
diff --git a/apt-pkg/deb/debsystem.cc b/apt-pkg/deb/debsystem.cc index 7118b534b..c087d6914 100644 --- a/apt-pkg/deb/debsystem.cc +++ b/apt-pkg/deb/debsystem.cc @@ -46,10 +46,11 @@ debSystem debSys; class APT_HIDDEN debSystemPrivate { public: - debSystemPrivate() : LockFD(-1), LockCount(0), StatusFile(0) + debSystemPrivate() : FrontendLockFD(-1), LockFD(-1), LockCount(0), StatusFile(0) { } // For locking support + int FrontendLockFD; int LockFD; unsigned LockCount; @@ -86,22 +87,30 @@ bool debSystem::Lock() } // Create the lockfile - string AdminDir = flNotFile(_config->Find("Dir::State::status")); - d->LockFD = GetLock(AdminDir + "lock"); - if (d->LockFD == -1) + string AdminDir = flNotFile(_config->FindFile("Dir::State::status")); + string FrontendLockFile = AdminDir + "lock-frontend"; + d->FrontendLockFD = GetLock(FrontendLockFile); + if (d->FrontendLockFD == -1) { if (errno == EACCES || errno == EAGAIN) - return _error->Error(_("Unable to lock the administration directory (%s), " - "is another process using it?"),AdminDir.c_str()); + return _error->Error(_("Unable to acquire the dpkg frontend lock (%s), " + "is another process using it?"),FrontendLockFile.c_str()); else - return _error->Error(_("Unable to lock the administration directory (%s), " - "are you root?"),AdminDir.c_str()); + return _error->Error(_("Unable to acquire the dpkg frontend lock (%s), " + "are you root?"),FrontendLockFile.c_str()); + } + if (LockInner() == false) + { + close(d->FrontendLockFD); + return false; } // See if we need to abort with a dirty journal if (CheckUpdates() == true) { close(d->LockFD); + close(d->FrontendLockFD); + d->FrontendLockFD = -1; d->LockFD = -1; const char *cmd; if (getenv("SUDO_USER") != NULL) @@ -118,6 +127,21 @@ bool debSystem::Lock() return true; } + +bool debSystem::LockInner() { + string AdminDir = flNotFile(_config->FindFile("Dir::State::status")); + d->LockFD = GetLock(AdminDir + "lock"); + if (d->LockFD == -1) + { + if (errno == EACCES || errno == EAGAIN) + return _error->Error(_("Unable to lock the administration directory (%s), " + "is another process using it?"),AdminDir.c_str()); + else + return _error->Error(_("Unable to lock the administration directory (%s), " + "are you root?"),AdminDir.c_str()); + } + return true; +} /*}}}*/ // System::UnLock - Drop a lock /*{{{*/ // --------------------------------------------------------------------- @@ -131,12 +155,27 @@ bool debSystem::UnLock(bool NoErrors) return _error->Error(_("Not locked")); if (--d->LockCount == 0) { + close(d->FrontendLockFD); close(d->LockFD); d->LockCount = 0; } return true; } +bool debSystem::UnLockInner(bool NoErrors) { + (void) NoErrors; + close(d->LockFD); + return true; +} + /*}}}*/ +// System::IsLocked - Check if system is locked /*{{{*/ +// --------------------------------------------------------------------- +/* This checks if the frontend lock is hold. The inner lock might be + * released. */ +bool debSystem::IsLocked() +{ + return d->LockCount > 0; +} /*}}}*/ // System::CheckUpdates - Check if the updates dir is dirty /*{{{*/ // --------------------------------------------------------------------- diff --git a/apt-pkg/deb/debsystem.h b/apt-pkg/deb/debsystem.h index 5185c92d8..2eb22a40f 100644 --- a/apt-pkg/deb/debsystem.h +++ b/apt-pkg/deb/debsystem.h @@ -52,6 +52,10 @@ class debSystem : public pkgSystem APT_HIDDEN static pid_t ExecDpkg(std::vector<std::string> const &sArgs, int * const inputFd, int * const outputFd, bool const DiscardOutput); APT_HIDDEN static bool SupportsMultiArch(); APT_HIDDEN static std::vector<std::string> SupportedArchitectures(); + + APT_HIDDEN bool LockInner(); + APT_HIDDEN bool UnLockInner(bool NoErrors=false); + APT_HIDDEN bool IsLocked(); }; extern debSystem debSys; diff --git a/apt-pkg/deb/dpkgpm.cc b/apt-pkg/deb/dpkgpm.cc index 533d9b367..37452f3d3 100644 --- a/apt-pkg/deb/dpkgpm.cc +++ b/apt-pkg/deb/dpkgpm.cc @@ -1521,6 +1521,11 @@ bool pkgDPkgPM::Go(APT::Progress::PackageManager *progress) _exit(100); } + if (dynamic_cast<debSystem*>(_system) != nullptr + && dynamic_cast<debSystem*>(_system)->IsLocked() == true) { + setenv("DPKG_FRONTEND_LOCKED", "true", 1); + } + execvp(Args[0], (char**) &Args[0]); cerr << "Could not exec dpkg!" << endl; _exit(100); |