[Pkg-aide-maintainers] Bug#367337: /var/run/aide.lock breaks
non-root use of aide
Bob Proulx
bob at proulx.com
Mon May 15 07:23:03 UTC 2006
Package: aide
Version: 0.11a-3
Severity: normal
Tags: patch
Use of /var/run/aide.lock breaks non-root use of aide.
aide --config=$HOME/aide/conf --update
dotlockfile: /var/run/aide.lock: permission denied
cannot obtain lock /var/run/aide.lock, stale lock?
I suggest also using a lockfile only if no --config is given by the
user. Also, printing a message when a user is using --config is not
expected. I would like to see the message removed. Also when using
$@ you almost always want "$@". And passing raw arguments to echo can
open up possibility of problems there.
How about this?
#!/bin/sh
#
# Perform update-aide.conf call before calling aide, since the autogenerated
# configuration is now the default config file
PATH="/usr/sbin:/sbin:/usr/bin:/bin"
LOCKFILE="/var/run/aide.lock"
pathfind() {
OLDIFS="$IFS"
IFS=:
for p in $PATH; do
if [ -x "$p/$*" ]; then
IFS="$OLDIFS"
return 0
fi
done
IFS="$OLDIFS"
return 1
}
dotlocked=false
if ! printf "%b\n" "$*" | grep -q -e --config; then
if which dotlockfile >/dev/null 2>&1; then
if ! dotlockfile -p -l $LOCKFILE; then
echo >&2 "cannot obtain lock $LOCKFILE, stale lock?"
exit 1
fi
dotlocked=true
else
echo >&2 "no dotlockfile binary in path, not checking for already running aide"
fi
update-aide.conf
fi
/usr/bin/aide.real "$@"
if dotlocked; then
dotlockfile -u $LOCKFILE
fi
I am not quite happy with the grep test for a --config option because
it ignores the -c possibility. But without doing a full getopts
parsing it is difficult to get this completely correct.
Bob
--
Bob Proulx <bob at proulx.com>
http://www.proulx.com/~bob/
-- System Information:
Debian Release: 3.1
More information about the Pkg-aide-maintainers
mailing list