From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) by lore.proxmox.com (Postfix) with ESMTPS id 7EB751FF396 for ; Thu, 23 May 2024 14:05:47 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 19BA31ECD2; Thu, 23 May 2024 14:06:06 +0200 (CEST) Mime-Version: 1.0 Date: Thu, 23 May 2024 14:06:01 +0200 Message-Id: From: "Shannon Sterz" To: "Proxmox Backup Server development discussion" X-Mailer: aerc 0.17.0-69-g65571b67d7d3-dirty References: <20240523112559.257547-1-s.sterz@proxmox.com> <20240523114647.g7tf64ins3hhh5e6@luna.proxmox.com> In-Reply-To: <20240523114647.g7tf64ins3hhh5e6@luna.proxmox.com> X-SPAM-LEVEL: Spam detection results: 0 AWL -0.066 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [proxmox.com] Subject: Re: [pbs-devel] [PATCH proxmox-backup] auth: add locking to `PbsAuthenticator` to avoid race conditions X-BeenThere: pbs-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox Backup Server development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Proxmox Backup Server development discussion Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: pbs-devel-bounces@lists.proxmox.com Sender: "pbs-devel" On Thu May 23, 2024 at 1:46 PM CEST, Gabriel Goller wrote: > On 23.05.2024 13:25, Shannon Sterz wrote: > >currently we don't lock the shadow file when removing or storing a > >password. by adding locking here we avoid a situation where storing > >and/or removing a password concurrently could lead to a race > >condition. in this scenario it is possible that a password isn't > >persisted or a password isn't removed. we already do this for > >the "token.shadow" file, so just use the same mechanism here. > > > >Signed-off-by: Shannon Sterz > > Is there any reason why the store_password function does not lock the > shadow.json file? do you mean the `authenticate_user` function? this patch add a locking call to the `store_password` function for me. > > > _______________________________________________ > pbs-devel mailing list > pbs-devel@lists.proxmox.com > https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel _______________________________________________ pbs-devel mailing list pbs-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel