update-users-groups.pl: use atomic write_file #82755
Conversation
|
is it possible to control location where $tmp file is created for atomic write_file? I think this is fine as long as we have both If not, then better to introduce some random cruft into I also wonder how to reproduce the race condition. Should I run concurrent |
yes I do think this is possible: https://metacpan.org/pod/File::Temp#tempfile
Honestly, neither do I. I don't know Perl much, therefore maybe I am misjudging the situation. But looking at the script it seems to be in a very bad shape overall. Tons of FIXME's and an empty salt for generated password hashes and quite a few spooky bugs which lead to corrupted systems:
.. Maybe #48378 wasn't such a bad idea after all. |
|
Hello, I'm a bot and I thank you in the name of the community for your contributions. Nixpkgs is a busy repository, and unfortunately sometimes PRs get left behind for too long. Nevertheless, we'd like to help committers reach the PRs that are still important. This PR has had no activity for 180 days, and so I marked it as stale, but you can rest assured it will never be closed by a non-human. If this is still important to you and you'd like to remove the stale label, we ask that you leave a comment. Your comment can be as simple as "still important to me". But there's a bit more you can do: If you received an approval by an unprivileged maintainer and you are just waiting for a merge, you can @ mention someone with merge permissions and ask them to help. You might be able to find someone relevant by using Git blame on the relevant files, or via GitHub's web interface. You can see if someone's a member of the nixpkgs-committers team, by hovering with the mouse over their username on the web interface, or by searching them directly on the list. If your PR wasn't reviewed at all, it might help to find someone who's perhaps a user of the package or module you are changing, or alternatively, ask once more for a review by the maintainer of the package/module this is about. If you don't know any, you can use Git blame on the relevant files, or GitHub's web interface to find someone who touched the relevant files in the past. If your PR has had reviews and nevertheless got stale, make sure you've responded to all of the reviewer's requests / questions. Usually when PR authors show responsibility and dedication, reviewers (privileged or not) show dedication as well. If you've pushed a change, it's possible the reviewer wasn't notified about your push via email, so you can always officially request them for a review, or just @ mention them and say you've addressed their comments. Lastly, you can always ask for help at our Discourse Forum, or more specifically, at this thread or at #nixos' IRC channel. |
stale
bot
added
the
2.status: stale
| write_file("$path.tmp", { binmode => ':utf8', perms => $perms // 0644, atomic => 1 }, $contents); | ||
| rename("$path.tmp", $path) or die; |
There was a problem hiding this comment.
If we use this flag I don't see a point of having an additional rename step, which was also meant to make the write atomic-ish (no really so when we have multiple writers).
| write_file("$path.tmp", { binmode => ':utf8', perms => $perms // 0644, atomic => 1 }, $contents); | |
| rename("$path.tmp", $path) or die; | |
| write_file("$path", { binmode => ':utf8', perms => $perms // 0644, atomic => 1 }, $contents) or die; |
Please also check if write_file or die is correct here. I assume so but than we have perl which is full of ways to shoot yourself in the foot.
There was a problem hiding this comment.
The or die is correct in the error case it returns undef: https://github.com/perhunter/slurp/blob/d909fac92e6eb0592362c8337c7abc7f4693ac94/lib/File/Slurp.pm#L602
stale
bot
removed
the
2.status: stale
A sane implementation of the atomic flag should do the same thing you described (create a temporary file in the same directory with a random suffix and rename it), but please check so. |
|
I checked using the atomic flag on its own is sufficient: https://github.com/perhunter/slurp/blob/d909fac92e6eb0592362c8337c7abc7f4693ac94/lib/File/Slurp.pm#L284 |
|
Part of #98544 |
Motivation for this change
This should prevent critical files from being overwritten by
update-users-groups.plin case something goes wrong when writing. Also in that script there are a lot of:FIXME: acquire lock.- comments which won't be solved by this, but at least mitigated to a point that parallel writes from an other source will not corrupt the file.From the doc:
With this pull request I am patching something that stumbled upon today. I am not familiar with this part of nixos. I believe this change makes sense, but at the same time I have my concerns. By opening this PR i would like to open the discussion around several open points I am not fully able to answer myself:
Things done
sandboxinnix.confon non-NixOS linux)nix-shell -p nixpkgs-review --run "nixpkgs-review wip"./result/bin/)nix path-info -Sbefore and after)