summaryrefslogtreecommitdiff
path: root/apt-pkg/deb
diff options
context:
space:
mode:
authorJulian Andres Klode <jak@debian.org>2017-01-29 13:05:18 +0100
committerJulian Andres Klode <julian.klode@canonical.com>2018-09-28 13:25:32 +0200
commit8a9a2147bc4346c7e3da8a08719b8f2686d65887 (patch)
treef886d60b1e6e1c171d0274d9f9e333e20c53d3ec /apt-pkg/deb
parent8e28398f3bc9cc9e8c5a038ef26823fc41dc5910 (diff)
Add support for dpkg frontend lock
The dpkg frontend lock is a lock dpkg tries to acquire except if the frontend already acquires it. This fixes a race condition in the install command where the dpkg lock is not held for a short period of time between different dpkg invocations. For this reason we also define an environment variable DPKG_FRONTEND_LOCKED for dpkg invocations so dpkg knows not to try to acquire the frontend lock because it's held by a parent process. We can set DPKG_FRONTEND_LOCKED only if the frontend lock really is held; that is, if our lock count is greater than 0 - otherwise an apt client not using the LockInner family of functions would run dpkg without the frontend lock set, but with DPKG_FRONTEND_LOCKED set. Such a process has a weaker guarantee: Because dpkg would not lock the frontend lock either, the process is prone to the existing races, and, more importantly, so is a new style process. Closes: #869546 [fixups: fix error messages, add public IsLocked() method, and make {Un,}LockInner return an error on !debSystem] (cherry picked from commit c2c8b4787b0882234ba2772ec7513afbf97b563a) LP: #1781169 (cherry picked from commit 6c0c94ed32b8e679b14b0f89b51c1c336dc0ab9c)
Diffstat (limited to 'apt-pkg/deb')
-rw-r--r--apt-pkg/deb/debsystem.cc55
-rw-r--r--apt-pkg/deb/debsystem.h4
-rw-r--r--apt-pkg/deb/dpkgpm.cc5
3 files changed, 56 insertions, 8 deletions
diff --git a/apt-pkg/deb/debsystem.cc b/apt-pkg/deb/debsystem.cc
index 7118b534b..c087d6914 100644
--- a/apt-pkg/deb/debsystem.cc
+++ b/apt-pkg/deb/debsystem.cc
@@ -46,10 +46,11 @@ debSystem debSys;
class APT_HIDDEN debSystemPrivate {
public:
- debSystemPrivate() : LockFD(-1), LockCount(0), StatusFile(0)
+ debSystemPrivate() : FrontendLockFD(-1), LockFD(-1), LockCount(0), StatusFile(0)
{
}
// For locking support
+ int FrontendLockFD;
int LockFD;
unsigned LockCount;
@@ -86,22 +87,30 @@ bool debSystem::Lock()
}
// Create the lockfile
- string AdminDir = flNotFile(_config->Find("Dir::State::status"));
- d->LockFD = GetLock(AdminDir + "lock");
- if (d->LockFD == -1)
+ string AdminDir = flNotFile(_config->FindFile("Dir::State::status"));
+ string FrontendLockFile = AdminDir + "lock-frontend";
+ d->FrontendLockFD = GetLock(FrontendLockFile);
+ if (d->FrontendLockFD == -1)
{
if (errno == EACCES || errno == EAGAIN)
- return _error->Error(_("Unable to lock the administration directory (%s), "
- "is another process using it?"),AdminDir.c_str());
+ return _error->Error(_("Unable to acquire the dpkg frontend lock (%s), "
+ "is another process using it?"),FrontendLockFile.c_str());
else
- return _error->Error(_("Unable to lock the administration directory (%s), "
- "are you root?"),AdminDir.c_str());
+ return _error->Error(_("Unable to acquire the dpkg frontend lock (%s), "
+ "are you root?"),FrontendLockFile.c_str());
+ }
+ if (LockInner() == false)
+ {
+ close(d->FrontendLockFD);
+ return false;
}
// See if we need to abort with a dirty journal
if (CheckUpdates() == true)
{
close(d->LockFD);
+ close(d->FrontendLockFD);
+ d->FrontendLockFD = -1;
d->LockFD = -1;
const char *cmd;
if (getenv("SUDO_USER") != NULL)
@@ -118,6 +127,21 @@ bool debSystem::Lock()
return true;
}
+
+bool debSystem::LockInner() {
+ string AdminDir = flNotFile(_config->FindFile("Dir::State::status"));
+ d->LockFD = GetLock(AdminDir + "lock");
+ if (d->LockFD == -1)
+ {
+ if (errno == EACCES || errno == EAGAIN)
+ return _error->Error(_("Unable to lock the administration directory (%s), "
+ "is another process using it?"),AdminDir.c_str());
+ else
+ return _error->Error(_("Unable to lock the administration directory (%s), "
+ "are you root?"),AdminDir.c_str());
+ }
+ return true;
+}
/*}}}*/
// System::UnLock - Drop a lock /*{{{*/
// ---------------------------------------------------------------------
@@ -131,12 +155,27 @@ bool debSystem::UnLock(bool NoErrors)
return _error->Error(_("Not locked"));
if (--d->LockCount == 0)
{
+ close(d->FrontendLockFD);
close(d->LockFD);
d->LockCount = 0;
}
return true;
}
+bool debSystem::UnLockInner(bool NoErrors) {
+ (void) NoErrors;
+ close(d->LockFD);
+ return true;
+}
+ /*}}}*/
+// System::IsLocked - Check if system is locked /*{{{*/
+// ---------------------------------------------------------------------
+/* This checks if the frontend lock is hold. The inner lock might be
+ * released. */
+bool debSystem::IsLocked()
+{
+ return d->LockCount > 0;
+}
/*}}}*/
// System::CheckUpdates - Check if the updates dir is dirty /*{{{*/
// ---------------------------------------------------------------------
diff --git a/apt-pkg/deb/debsystem.h b/apt-pkg/deb/debsystem.h
index 5185c92d8..2eb22a40f 100644
--- a/apt-pkg/deb/debsystem.h
+++ b/apt-pkg/deb/debsystem.h
@@ -52,6 +52,10 @@ class debSystem : public pkgSystem
APT_HIDDEN static pid_t ExecDpkg(std::vector<std::string> const &sArgs, int * const inputFd, int * const outputFd, bool const DiscardOutput);
APT_HIDDEN static bool SupportsMultiArch();
APT_HIDDEN static std::vector<std::string> SupportedArchitectures();
+
+ APT_HIDDEN bool LockInner();
+ APT_HIDDEN bool UnLockInner(bool NoErrors=false);
+ APT_HIDDEN bool IsLocked();
};
extern debSystem debSys;
diff --git a/apt-pkg/deb/dpkgpm.cc b/apt-pkg/deb/dpkgpm.cc
index 533d9b367..37452f3d3 100644
--- a/apt-pkg/deb/dpkgpm.cc
+++ b/apt-pkg/deb/dpkgpm.cc
@@ -1521,6 +1521,11 @@ bool pkgDPkgPM::Go(APT::Progress::PackageManager *progress)
_exit(100);
}
+ if (dynamic_cast<debSystem*>(_system) != nullptr
+ && dynamic_cast<debSystem*>(_system)->IsLocked() == true) {
+ setenv("DPKG_FRONTEND_LOCKED", "true", 1);
+ }
+
execvp(Args[0], (char**) &Args[0]);
cerr << "Could not exec dpkg!" << endl;
_exit(100);