[Pkg-aide-maintainers] Bug#841006: please use dotlockfile -r 0 in aide.wrapper
Marc Haber
mh+debian-packages at zugschlus.de
Sun Oct 16 20:02:19 UTC 2016
Package: aide-common
Version: 0.16-1
Severity: wishlist
Hi,
please consider using dotlockfile -p -r 0 -l $LOCKFILE in the wrapper.
The current setting will retry to obtain the lock, which is probably
not intended behavior if a manual aide run prevents the cron-job from
running.
I have lost my aide database in the following situation:
- I boot up a VM that was not running during cron.daily time
- I upgrade the kernel
- I reboot before anacron starts cron.daily
- After the reboot, I invoke aide.wrapper --update to refresh the
database
- during this operation, anacron starts cron.daily, aide's cron job
cannot obtain the lock because the manually started aide cron job
holds it. the cron.daily wrapper waits.
- The manual aide run ends, the cron.daily aide run obtains the lock
and begins running. In this process, aide.db.new is truncated to zero
size.
- I review the log from the manual aide run, find it ok, and copy the
(zero length) aide.db.new to aide.db.
=> boom, database lost.
I think it is the lesser evil to not have the cron job wait for the
aide lock and have it bomb out immediately.
Greetings
Marc
More information about the Pkg-aide-maintainers
mailing list