* vipw does not work with some editors @ 2012-07-30 21:20 Mantas M. 2012-07-31 8:58 ` Karel Zak 2012-07-31 9:33 ` Bernhard Voelker 0 siblings, 2 replies; 5+ messages in thread From: Mantas M. @ 2012-07-30 21:20 UTC (permalink / raw) To: util-linux Some editors, such as Vim with 'writebackup' mode enabled, use "atomic save" in which the old file is deleted and a new one with the same name created in its place. When `vipw` is used with such an editor, it never detects changes, because it compares fstat() on a file descriptor pointing to the old file. Can this be fixed in `vipw`, or should I just start configuring Vim to stop making backups for vipw's temporary files? -- Mantas Mikulėnas <grawity@gmail.com> ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: vipw does not work with some editors 2012-07-30 21:20 vipw does not work with some editors Mantas M. @ 2012-07-31 8:58 ` Karel Zak 2012-07-31 9:33 ` Bernhard Voelker 1 sibling, 0 replies; 5+ messages in thread From: Karel Zak @ 2012-07-31 8:58 UTC (permalink / raw) To: Mantas M.; +Cc: util-linux On Tue, Jul 31, 2012 at 12:20:10AM +0300, Mantas M. wrote: > Some editors, such as Vim with 'writebackup' mode enabled, use "atomic > save" in which the old file is deleted and a new one with the same name > created in its place. When `vipw` is used with such an editor, it never > detects changes, because it compares fstat() on a file descriptor > pointing to the old file. > > Can this be fixed in `vipw`, or should I just start configuring Vim to > stop making backups for vipw's temporary files? hmm.. vipw from shadow-utils uses stat() rather than fstat(), so it depends on filename only. Maybe we can use the same solution. Karel -- Karel Zak <kzak@redhat.com> http://karelzak.blogspot.com ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: vipw does not work with some editors 2012-07-30 21:20 vipw does not work with some editors Mantas M. 2012-07-31 8:58 ` Karel Zak @ 2012-07-31 9:33 ` Bernhard Voelker 2012-07-31 10:46 ` Mantas Mikulėnas 1 sibling, 1 reply; 5+ messages in thread From: Bernhard Voelker @ 2012-07-31 9:33 UTC (permalink / raw) To: Mantas M.; +Cc: util-linux On 07/30/2012 11:20 PM, Mantas M. wrote: > Some editors, such as Vim with 'writebackup' mode enabled, use "atomic > save" in which the old file is deleted and a new one with the same name > created in its place. Why's that "atomic"? I see a race in between the unlink and the creat call. I'd tend to consider such editor mode "unlucky" for use with vipw. Have a nice day, Berny ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: vipw does not work with some editors 2012-07-31 9:33 ` Bernhard Voelker @ 2012-07-31 10:46 ` Mantas Mikulėnas 2012-07-31 11:33 ` Sami Kerola 0 siblings, 1 reply; 5+ messages in thread From: Mantas Mikulėnas @ 2012-07-31 10:46 UTC (permalink / raw) To: Bernhard Voelker; +Cc: util-linux On Tue, Jul 31, 2012 at 12:33 PM, Bernhard Voelker <mail@bernhard-voelker.de> wrote: > > > On 07/30/2012 11:20 PM, Mantas M. wrote: >> Some editors, such as Vim with 'writebackup' mode enabled, use "atomic >> save" in which the old file is deleted and a new one with the same name >> created in its place. > > Why's that "atomic"? > I see a race in between the unlink and the creat call. > I'd tend to consider such editor mode "unlucky" for use with vipw. Perhaps I picked the wrong name for it. Some other editors actually implement it atomically using rename(). Meanwhile, Vim has three settings with at least 36 different combinations, some of which copy and overwrite, others rename and recreate, etc. I did find this paragraph in `:help crontab`, however: *'backupcopy'* *'bkc'* 'backupcopy' 'bkc' string (Vi default for Unix: "yes", otherwise: "auto") [snip] *crontab* One situation where "no" and "auto" will cause problems: A program that opens a file, invokes Vim to edit that file, and then tests if the open file was changed (through the file descriptor) will check the backup file instead of the newly created file. "crontab -e" is an example. Seems like I could :set bkc=yes and avoid this problem with `vipw`. I don't know anymore if this is better fixed in vim or vipw... -- Mantas Mikulėnas ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: vipw does not work with some editors 2012-07-31 10:46 ` Mantas Mikulėnas @ 2012-07-31 11:33 ` Sami Kerola 0 siblings, 0 replies; 5+ messages in thread From: Sami Kerola @ 2012-07-31 11:33 UTC (permalink / raw) To: Mantas Mikulėnas; +Cc: Bernhard Voelker, util-linux On Tue, Jul 31, 2012 at 12:46 PM, Mantas Mikulėnas <grawity@gmail.com> wrote: > On Tue, Jul 31, 2012 at 12:33 PM, Bernhard Voelker > <mail@bernhard-voelker.de> wrote: >> >> >> On 07/30/2012 11:20 PM, Mantas M. wrote: >>> Some editors, such as Vim with 'writebackup' mode enabled, use "atomic >>> save" in which the old file is deleted and a new one with the same name >>> created in its place. >> >> Why's that "atomic"? >> I see a race in between the unlink and the creat call. >> I'd tend to consider such editor mode "unlucky" for use with vipw. > > Perhaps I picked the wrong name for it. Some other editors actually implement it > atomically using rename(). Meanwhile, Vim has three settings with at least 36 > different combinations, some of which copy and overwrite, others > rename and recreate, etc. > > I did find this paragraph in `:help crontab`, however: > > *'backupcopy'* *'bkc'* > 'backupcopy' 'bkc' string (Vi default for Unix: "yes", otherwise: "auto") > [snip] > *crontab* > One situation where "no" and "auto" will cause problems: A program > that opens a file, invokes Vim to edit that file, and then tests if > the open file was changed (through the file descriptor) will check the > backup file instead of the newly created file. "crontab -e" is an > example. > > Seems like I could :set bkc=yes and avoid this problem with `vipw`. > > I don't know anymore if this is better fixed in vim or vipw... Perhaps the vipw could check hard link count to open file handle. If hard link count is zero vipw code should stat(), and inform user a file with similar path, was put in place of passwd. That might make vim backupcopy to work, but might also cause some sort of security issue. At least in theory one could replace temporary file with malicious copy while root is editing (although that requires root permissions to begin with, which makes this exploit a bit dumb). BTW I have some time management challenges at the moment, so I leave implementing that for later (or someone quicker than me). -- Sami Kerola http://www.iki.fi/kerolasa/ ^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2012-07-31 11:33 UTC | newest] Thread overview: 5+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2012-07-30 21:20 vipw does not work with some editors Mantas M. 2012-07-31 8:58 ` Karel Zak 2012-07-31 9:33 ` Bernhard Voelker 2012-07-31 10:46 ` Mantas Mikulėnas 2012-07-31 11:33 ` Sami Kerola
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).