1 /* $Cambridge: exim/src/src/exim_lock.c,v 1.4 2010/05/29 12:11:48 pdp Exp $ */
3 /* A program to lock a file exactly as Exim would, for investigation of
6 Options: -fcntl use fcntl() lock
7 -flock use flock() lock
8 -lockfile use lock file
9 -mbx use mbx locking rules, with either fcntl() or flock()
11 Default is -fcntl -lockfile.
13 Argument: the name of the lock file
28 #include <sys/utsname.h>
33 /* Not all systems have flock() available. Those that do must define LOCK_SH
46 /* Flag for timeout signal handler */
48 static int sigalrm_seen = FALSE;
51 /* We need to pull in strerror() and os_non_restarting_signal() from the
52 os.c source, if they are required for this OS. However, we don't need any of
53 the other stuff in os.c, so force the other macros to omit it. */
55 #ifndef OS_RESTARTING_SIGNAL
56 #define OS_RESTARTING_SIGNAL
67 #ifndef OS_LOAD_AVERAGE
68 #define OS_LOAD_AVERAGE
71 #ifndef FIND_RUNNING_INTERFACES
72 #define FIND_RUNNING_INTERFACES
75 #include "../src/os.c"
79 /*************************************************
81 *************************************************/
84 sigalrm_handler(int sig)
86 sig = sig; /* Keep picky compilers happy */
92 /*************************************************
93 * Give usage and die *
94 *************************************************/
99 printf("usage: exim_lock [-v] [-q] [-lockfile] [-fcntl] [-flock] [-mbx]\n"
100 " [-retries <n>] [-interval <n>] [-timeout <n>] [-restore-times]\n"
101 " <file name> [command]\n");
107 /*************************************************
108 * Apply a lock to a file descriptor *
109 *************************************************/
112 apply_lock(int fd, int fcntltype, BOOL dofcntl, int fcntltime, BOOL doflock,
117 struct flock lock_data;
118 lock_data.l_type = fcntltype;
119 lock_data.l_whence = lock_data.l_start = lock_data.l_len = 0;
121 sigalrm_seen = FALSE;
127 os_non_restarting_signal(SIGALRM, sigalrm_handler);
129 yield = fcntl(fd, F_SETLKW, &lock_data);
134 else yield = fcntl(fd, F_SETLK, &lock_data);
135 if (yield < 0) printf("exim_lock: fcntl() failed: %s\n", strerror(errno));
139 if (doflock && (yield >= 0))
141 int flocktype = (fcntltype == F_WRLCK)? LOCK_EX : LOCK_SH;
144 os_non_restarting_signal(SIGALRM, sigalrm_handler);
146 yield = flock(fd, flocktype);
151 else yield = flock(fd, flocktype | LOCK_NB);
152 if (yield < 0) printf("exim_lock: flock() failed: %s\n", strerror(errno));
161 /*************************************************
162 * The exim_lock program *
163 *************************************************/
165 int main(int argc, char **argv)
167 int lock_retries = 10;
168 int lock_interval = 3;
169 int lock_fcntl_timeout = 0;
170 int lock_flock_timeout = 0;
176 int now = time(NULL);
177 BOOL use_lockfile = FALSE;
178 BOOL use_fcntl = FALSE;
179 BOOL use_flock = FALSE;
180 BOOL use_mbx = FALSE;
181 BOOL verbose = FALSE;
183 BOOL restore_times = FALSE;
185 char *lockname = NULL, *hitchname = NULL;
186 char *primary_hostname, *command;
193 for (i = 1; i < argc; i++)
196 if (*arg != '-') break;
197 if (strcmp(arg, "-fcntl") == 0) use_fcntl = TRUE;
198 else if (strcmp(arg, "-flock") == 0) use_flock = TRUE;
199 else if (strcmp(arg, "-lockfile") == 0) use_lockfile = TRUE;
200 else if (strcmp(arg, "-mbx") == 0) use_mbx = TRUE;
201 else if (strcmp(arg, "-v") == 0) verbose = TRUE;
202 else if (strcmp(arg, "-q") == 0) quiet = TRUE;
203 else if (strcmp(arg, "-restore-times") == 0) restore_times = TRUE;
206 int value = atoi(argv[i]);
207 if (strcmp(arg, "-retries") == 0) lock_retries = value;
208 else if (strcmp(arg, "-interval") == 0) lock_interval = value;
209 else if (strcmp(arg, "-timeout") == 0)
210 lock_fcntl_timeout = lock_flock_timeout = value;
216 if (quiet) verbose = 0;
218 /* Can't use flock() if the OS doesn't provide it */
223 printf("exim_lock: can't use flock() because it was not available in the\n"
224 " operating system when exim_lock was compiled\n");
229 /* Default is to use lockfiles and fcntl(). */
231 if (!use_lockfile && !use_fcntl && !use_flock && !use_mbx)
232 use_lockfile = use_fcntl = TRUE;
234 /* Default fcntl() for use with mbx */
236 if (use_mbx && !use_fcntl && !use_flock) use_fcntl = TRUE;
238 /* Unset unused timeouts */
240 if (!use_fcntl) lock_fcntl_timeout = 0;
241 if (!use_flock) lock_flock_timeout = 0;
243 /* A file name is required */
245 if (i >= argc) usage();
247 filename = argv[i++];
249 /* Expand file names starting with ~ */
251 if (*filename == '~')
255 if (*(++filename) == '/')
256 pw = getpwuid(getuid());
260 while (*filename != 0 && *filename != '/')
263 pw = getpwnam(buffer);
268 printf("exim_lock: unable to expand file name %s\n", argv[i-1]);
272 if ((int)strlen(pw->pw_dir) + (int)strlen(filename) + 1 > sizeof(buffer))
274 printf("exim_lock: expanded file name %s%s is too long", pw->pw_dir,
279 strcpy(buffer, pw->pw_dir);
280 strcat(buffer, filename);
284 /* If using a lock file, prepare by creating the lock file name and
285 the hitching post name. */
291 printf("exim_lock: failed to find host name using uname()\n");
294 primary_hostname = s.nodename;
296 len = (int)strlen(filename);
297 lockname = malloc(len + 8);
298 sprintf(lockname, "%s.lock", filename);
299 hitchname = malloc(len + 32 + (int)strlen(primary_hostname));
300 sprintf(hitchname, "%s.%s.%08x.%08x", lockname, primary_hostname,
304 printf("exim_lock: lockname = %s\n hitchname = %s\n", lockname,
308 /* Locking retry loop */
310 for (j = 0; j < lock_retries; j++)
312 int sleep_before_retry = TRUE;
313 struct stat statbuf, ostatbuf, lstatbuf, statbuf2;
316 /* Try to build a lock file if so configured */
321 if (verbose) printf("exim_lock: creating lock file\n");
322 hd = open(hitchname, O_WRONLY | O_CREAT | O_EXCL, 0440);
325 printf("exim_lock: failed to create hitching post %s: %s\n", hitchname,
330 /* Apply hitching post algorithm. */
332 if ((rc = link(hitchname, lockname)) != 0) fstat(hd, &statbuf);
336 if (rc != 0 && statbuf.st_nlink != 2)
338 printf("exim_lock: failed to link hitching post to lock file\n");
343 if (!quiet) printf("exim_lock: lock file successfully created\n");
346 /* We are done if no other locking required. */
348 if (!use_fcntl && !use_flock && !use_mbx) break;
350 /* Open the file for writing. */
352 fd = open(filename, O_RDWR + O_APPEND);
355 printf("exim_lock: failed to open %s for writing: %s\n", filename,
361 /* If there is a timeout, implying blocked locking, we don't want to
362 sleep before any retries after this. */
364 if (lock_fcntl_timeout > 0 || lock_flock_timeout > 0)
365 sleep_before_retry = FALSE;
367 /* Lock using fcntl. There are pros and cons to using a blocking call vs
368 a non-blocking call and retries. Exim is non-blocking by default, but setting
369 a timeout changes it to blocking. */
371 if (!use_mbx && (use_fcntl || use_flock))
373 if (apply_lock(fd, F_WRLCK, use_fcntl, lock_fcntl_timeout, use_flock,
374 lock_flock_timeout) >= 0)
378 if (use_fcntl) printf("exim_lock: fcntl() lock successfully applied\n");
379 if (use_flock) printf("exim_lock: flock() lock successfully applied\n");
383 else goto RETRY; /* Message already output */
386 /* Lock using MBX rules. This is complicated and is documented with the
387 source of the c-client library that goes with Pine and IMAP. What has to
388 be done to interwork correctly is to take out a shared lock on the mailbox,
389 and an exclusive lock on a /tmp file. */
393 if (apply_lock(fd, F_RDLCK, use_fcntl, lock_fcntl_timeout, use_flock,
394 lock_flock_timeout) >= 0)
399 printf("exim_lock: fcntl() read lock successfully applied\n");
401 printf("exim_lock: fcntl() read lock successfully applied\n");
404 else goto RETRY; /* Message already output */
406 if (fstat(fd, &statbuf) < 0)
408 printf("exim_lock: fstat() of %s failed: %s\n", filename,
414 /* Set up file in /tmp and check its state if already existing. */
416 sprintf(tempname, "/tmp/.%lx.%lx", (long)statbuf.st_dev,
417 (long)statbuf.st_ino);
419 if (lstat(tempname, &statbuf) >= 0)
421 if ((statbuf.st_mode & S_IFMT) == S_IFLNK)
423 printf("exim_lock: symbolic link on lock name %s\n", tempname);
427 if (statbuf.st_nlink > 1)
429 printf("exim_lock: hard link to lock name %s\n", tempname);
435 mbx_tmp_oflags = O_RDWR | O_CREAT;
437 mbx_tmp_oflags |= O_NOFOLLOW;
439 md = open(tempname, mbx_tmp_oflags, 0600);
442 printf("exim_lock: failed to create mbx lock file %s: %s\n",
443 tempname, strerror(errno));
447 /* security fixes from 2010-05 */
448 if (lstat(tempname, &lstatbuf) < 0)
450 printf("exim_lock: failed to lstat(%s) after opening it: %s\n",
451 tempname, strerror(errno));
454 if (fstat(md, &statbuf2) < 0)
456 printf("exim_lock: failed to fstat() open fd of \"%s\": %s\n",
457 tempname, strerror(errno));
460 if ((statbuf2.st_nlink > 1) ||
461 (lstatbuf.st_nlink > 1) ||
462 (!S_ISREG(lstatbuf.st_mode)) ||
463 (lstatbuf.st_dev != statbuf2.st_dev) ||
464 (lstatbuf.st_ino != statbuf2.st_ino))
466 printf("exim_lock: race condition exploited against us when "
467 "locking \"%s\"\n", tempname);
471 (void)chmod(tempname, 0600);
473 if (apply_lock(md, F_WRLCK, use_fcntl, lock_fcntl_timeout, use_flock,
474 lock_flock_timeout) >= 0)
479 printf("exim_lock: fcntl() lock successfully applied to mbx "
480 "lock file %s\n", tempname);
482 printf("exim_lock: flock() lock successfully applied to mbx "
483 "lock file %s\n", tempname);
486 /* This test checks for a race condition */
488 if (lstat(tempname, &statbuf) != 0 ||
489 fstat(md, &ostatbuf) != 0 ||
490 statbuf.st_dev != ostatbuf.st_dev ||
491 statbuf.st_ino != ostatbuf.st_ino)
493 if (!quiet) printf("exim_lock: mbx lock file %s changed between "
494 "creation and locking\n", tempname);
499 else goto RETRY; /* Message already output */
502 /* Clean up before retrying */
509 printf("exim_lock: close %s failed: %s\n", tempname, strerror(errno));
511 if (!quiet) printf("exim_lock: %s closed\n", tempname);
518 printf("exim_lock: close failed: %s\n", strerror(errno));
520 if (!quiet) printf("exim_lock: file closed\n");
526 if (unlink(lockname) < 0)
527 printf("exim_lock: unlink of %s failed: %s\n", lockname, strerror(errno));
529 if (!quiet) printf("exim_lock: lock file removed\n");
533 /* If a blocking call timed out, break the retry loop if the total time
534 so far is not less than than retries * interval. */
537 (j + 1) * ((lock_fcntl_timeout > lock_flock_timeout)?
538 lock_fcntl_timeout : lock_flock_timeout) >=
539 lock_retries * lock_interval)
542 /* Wait a bit before retrying, except when it was a blocked fcntl() that
543 caused the problem. */
545 if (j < lock_retries && sleep_before_retry)
547 printf(" ... waiting\n");
548 sleep(lock_interval);
552 if (j >= lock_retries)
554 printf("exim_lock: locking failed too many times\n");
559 if (!quiet) printf("exim_lock: locking %s succeeded: ", filename);
561 /* If there are no further arguments, run the user's shell; otherwise
562 the next argument is a command to run. */
566 command = getenv("SHELL");
567 if (command == NULL || *command == 0) command = "/bin/sh";
568 if (!quiet) printf("running %s ...\n", command);
573 if (!quiet) printf("running the command ...\n");
576 /* Run the command, saving and restoring the times if required. */
580 struct stat strestore;
582 stat(filename, &strestore);
583 (void)system(command);
584 ut.actime = strestore.st_atime;
585 ut.modtime = strestore.st_mtime;
586 utime(filename, &ut);
588 else (void)system(command);
590 /* Remove the locks and exit. Unlink the /tmp file if we can get an exclusive
591 lock on the mailbox. This should be a non-blocking lock call, as there is no
598 if (apply_lock(fd, F_WRLCK, use_fcntl, 0, use_flock, 0) >= 0)
600 if (!quiet) printf("exim_lock: %s unlinked - no sharers\n", tempname);
604 printf("exim_lock: %s not unlinked - unable to get exclusive mailbox lock\n",
607 printf("exim_lock: close %s failed: %s\n", tempname, strerror(errno));
609 if (!quiet) printf("exim_lock: %s closed\n", tempname);
615 printf("exim_lock: close %s failed: %s\n", filename, strerror(errno));
617 if (!quiet) printf("exim_lock: %s closed\n", filename);
622 if (unlink(lockname) < 0)
623 printf("exim_lock: unlink %s failed: %s\n", lockname, strerror(errno));
625 if (!quiet) printf("exim_lock: lock file removed\n");
git://git.exim.org / exim.git / blob