Protect user db with flock

This commit is contained in:
Erik Wramner 2019-08-01 19:39:25 +02:00
parent d6861881ab
commit 81e9c7dcff
5 changed files with 68 additions and 38 deletions

View file

@ -22,6 +22,11 @@ escape() {
[ -z "$USER" ] && { usage; errex "no username specified"; } [ -z "$USER" ] && { usage; errex "no username specified"; }
expr index "$USER" "@" >/dev/null || { usage; errex "username must include the domain"; } expr index "$USER" "@" >/dev/null || { usage; errex "username must include the domain"; }
# Protect config file with lock to avoid race conditions
touch $DATABASE
(
flock -e 200
grep -qi "^$(escape "$USER")|" $DATABASE 2>/dev/null && grep -qi "^$(escape "$USER")|" $DATABASE 2>/dev/null &&
errex "User \"$USER\" already exists" errex "User \"$USER\" already exists"
@ -30,5 +35,7 @@ if [ -z "$PASSWD" ]; then
echo echo
[ -z "$PASSWD" ] && errex "Password must not be empty" [ -z "$PASSWD" ] && errex "Password must not be empty"
fi fi
HASH="$(doveadm pw -s SHA512-CRYPT -u "$USER" -p "$PASSWD")" HASH="$(doveadm pw -s SHA512-CRYPT -u "$USER" -p "$PASSWD")"
echo "$USER|$HASH" >> $DATABASE echo "$USER|$HASH" >> $DATABASE
) 200<$DATABASE

View file

@ -33,6 +33,10 @@ shift $((OPTIND-1))
[ -z "$@" ] && { usage; errex "No user specifed"; } [ -z "$@" ] && { usage; errex "No user specifed"; }
[ -s "$DATABASE" ] || exit 0 [ -s "$DATABASE" ] || exit 0
# Protect config file with lock to avoid race conditions
(
flock -e 200
for USER in "$@"; do for USER in "$@"; do
# very simple plausibility check # very simple plausibility check
[[ "$USER" != *"@"*"."* ]] && errex "No valid address: $USER" [[ "$USER" != *"@"*"."* ]] && errex "No valid address: $USER"
@ -55,3 +59,5 @@ for USER in "$@"; do
rm -r -f /var/mail/${MAILARR[1]}/${MAILARR[0]} rm -r -f /var/mail/${MAILARR[1]}/${MAILARR[0]}
[ $? = 0 ] && echo "Maildir deleted." || errex "Maildir couldn't be deleted: $?" [ $? = 0 ] && echo "Maildir deleted." || errex "Maildir couldn't be deleted: $?"
done done
) 200<$DATABASE

View file

@ -10,4 +10,9 @@ errex() {
[ -f $DATABASE ] || errex "No postfix-accounts.cf file" [ -f $DATABASE ] || errex "No postfix-accounts.cf file"
[ -s $DATABASE ] || errex "Empty postfix-accounts.cf - no users have been added" [ -s $DATABASE ] || errex "Empty postfix-accounts.cf - no users have been added"
# Lock database even though we are only reading
(
flock -e 200
awk -F '|' '{ print $1; }' $DATABASE awk -F '|' '{ print $1; }' $DATABASE
) 200<$DATABASE

View file

@ -27,7 +27,13 @@ if [ -z "$PASSWD" ]; then
[ -z "$PASSWD" ] && errex "Password must not be empty" [ -z "$PASSWD" ] && errex "Password must not be empty"
fi fi
HASH="$(doveadm pw -s SHA512-CRYPT -u "$USER" -p "$PASSWD")" HASH="$(doveadm pw -s SHA512-CRYPT -u "$USER" -p "$PASSWD")"
# Protect config file with lock to avoid race conditions
(
flock -e 200
grep -qi "^$(escape "$USER")|" $DATABASE 2>/dev/null || grep -qi "^$(escape "$USER")|" $DATABASE 2>/dev/null ||
errex "User \"$USER\" does not exist" errex "User \"$USER\" does not exist"
sed -i "s ^"$USER"|.* "$USER"|"$HASH" " $DATABASE sed -i "s ^"$USER"|.* "$USER"|"$HASH" " $DATABASE
) 200<$DATABASE

View file

@ -37,8 +37,7 @@ for file in postfix-accounts.cf postfix-virtual.cf postfix-aliases.cf; do
done done
# Wait to make sure server is up before we start # Wait to make sure server is up before we start
# Plus the files have just been generated, no hurry to process changes sleep 10
sleep 20
# Run forever # Run forever
while true; do while true; do
@ -46,7 +45,7 @@ while true; do
# recreate logdate # recreate logdate
log_date=$(date +"%Y-%m-%d %H:%M:%S ") log_date=$(date +"%Y-%m-%d %H:%M:%S ")
# Get chksum and check it. # Get chksum and check it, no need to lock config yet
chksum=$(sha512sum -c --ignore-missing $CHKSUM_FILE) chksum=$(sha512sum -c --ignore-missing $CHKSUM_FILE)
if [[ $chksum == *"FAIL"* ]]; then if [[ $chksum == *"FAIL"* ]]; then
@ -57,6 +56,11 @@ if [[ $chksum == *"FAIL"* ]]; then
# Also note that changes are performed in place and are not atomic # Also note that changes are performed in place and are not atomic
# We should fix that and write to temporary files, stop, swap and start # We should fix that and write to temporary files, stop, swap and start
# Lock configuration while working
# Not fixing indentation yet to reduce diff (fix later in separate commit)
(
flock -e 200
#regen postix aliases. #regen postix aliases.
echo "root: ${PM_ADDRESS}" > /etc/aliases echo "root: ${PM_ADDRESS}" > /etc/aliases
if [ -f /tmp/docker-mailserver/postfix-aliases.cf ]; then if [ -f /tmp/docker-mailserver/postfix-aliases.cf ]; then
@ -195,6 +199,8 @@ if [[ $chksum == *"FAIL"* ]]; then
echo "${log_date} Update checksum" echo "${log_date} Update checksum"
sha512sum ${cf_files[@]/#/--tag } >$CHKSUM_FILE sha512sum ${cf_files[@]/#/--tag } >$CHKSUM_FILE
) 200<postfix-accounts.cf # end lock
fi fi
sleep 1 sleep 1