[Pkg-ossec-devel] [SCM] Git repository for pkg-ossec branch, debian, updated. f89fb2c00b1a2606035e5cd0e35b4ebe99f049ac

Javier Fernandez-Sanguino jfs at debian.org
Wed Aug 29 12:57:44 UTC 2012


The following commit has been merged in the debian branch:
commit 2b77358fdf98283577128f68de6b3886145b8697
Author: Javier Fernandez-Sanguino <jfs at debian.org>
Date:   Tue Aug 28 23:36:27 2012 +0200

    Add a patch to avoid removing the lock directory (using rm -rf as root)

diff --git a/debian/patches/04-control-lock-removal b/debian/patches/04-control-lock-removal
new file mode 100644
index 0000000..39569db
--- /dev/null
+++ b/debian/patches/04-control-lock-removal
@@ -0,0 +1,157 @@
+Index: pkg-ossec/active-response/host-deny.sh
+===================================================================
+--- pkg-ossec.orig/active-response/host-deny.sh	2012-08-28 22:07:24.000000000 +0200
++++ pkg-ossec/active-response/host-deny.sh	2012-08-28 23:22:29.000000000 +0200
+@@ -30,9 +30,14 @@
+     i=0;
+     # Providing a lock.
+     while [ 1 ]; do
+-        mkdir ${LOCK} > /dev/null 2>&1
+-        MSL=$?
+-        if [ "${MSL}" = "0" ]; then
++        [ ! -e "${LOCK}" ] && mkdir -p ${LOCK} > /dev/null 2>&1
++	# Ensure we can make the LOCK properly first
++	if [ ! -d "${LOCK}" ] ; then
++		echo "ERROR: The configured lock directory ${LOCK} is not a directory or it does not exist, cannot continue" 
++		exit 1
++	fi
++	# If there is no PIDfile then we can set the pid and break
++	if [ ! -e "${LOCK_PID}" ] ; then
+             # Lock aquired (setting the pid)
+             echo "$$" > ${LOCK_PID}
+             return;
+@@ -71,9 +76,13 @@
+ }
+ 
+ # Unlock function
++# Just remove the lock file if it is there, keep the lock directory
++# for later. We don't remove the directory (rm -rf is dangerous in a shell script)
+ unlock()
+ {
+-   rm -rf ${LOCK} 
++   [ ! -e "${LOCK}" ]  && return 0
++   [ ! -d "${LOCK}" ]  && return 0
++   [ -e "{$LOCK_PID}" ] &&  rm -f ${LOCK_PID}
+ }
+ 
+ 
+Index: pkg-ossec/src/init/ossec-client.sh
+===================================================================
+--- pkg-ossec.orig/src/init/ossec-client.sh	2012-08-28 23:10:02.000000000 +0200
++++ pkg-ossec/src/init/ossec-client.sh	2012-08-28 23:13:51.000000000 +0200
+@@ -51,9 +51,14 @@
+     
+     # Providing a lock.
+     while [ 1 ]; do
+-        mkdir ${LOCK} > /dev/null 2>&1
+-        MSL=$?
+-        if [ "${MSL}" = "0" ]; then
++        [ ! -e "${LOCK}" ] && mkdir -p ${LOCK} > /dev/null 2>&1
++        # Ensure we can make the LOCK properly first
++	if [ ! -d "${LOCK}" ] ; then
++		echo "ERROR: The configured lock directory ${LOCK} is not a directory or it does not exist, cannot continue" 
++		exit 1
++	fi
++	# If there is no PIDfile then we can set the pid and break
++	if [ ! -e "${LOCK_PID}" ] ; then
+             # Lock aquired (setting the pid)
+             echo "$$" > ${LOCK_PID}
+             return;
+@@ -81,14 +86,17 @@
+     done
+ }
+ 
+-
+ # Unlock function
++# Just remove the lock file if it is there, keep the lock directory
++# for later. We don't remove the directory (rm -rf is dangerous in a shell script)
+ unlock()
+ {
+-    rm -rf ${LOCK}
++	[ ! -e "${LOCK}" ]  && return 0
++	[ ! -d "${LOCK}" ]  && return 0
++	[ -e "{$LOCK_PID}" ] &&  rm -f ${LOCK_PID}
+ }
+ 
+-    
++
+ # Help message
+ help()
+ {
+Index: pkg-ossec/src/init/ossec-local.sh
+===================================================================
+--- pkg-ossec.orig/src/init/ossec-local.sh	2012-08-28 23:11:56.000000000 +0200
++++ pkg-ossec/src/init/ossec-local.sh	2012-08-28 23:13:00.000000000 +0200
+@@ -62,9 +62,14 @@
+     
+     # Providing a lock.
+     while [ 1 ]; do
+-        mkdir ${LOCK} > /dev/null 2>&1
+-        MSL=$?
+-        if [ "${MSL}" = "0" ]; then
++        [ ! -e "${LOCK}" ] && mkdir -p ${LOCK} > /dev/null 2>&1
++        # Ensure we can make the LOCK properly first
++	if [ ! -d "${LOCK}" ] ; then
++		echo "ERROR: The configured lock directory ${LOCK} is not a directory or it does not exist, cannot continue" 
++		exit 1
++	fi
++	# If there is no PIDfile then we can set the pid and break
++	if [ ! -e "${LOCK_PID}" ] ; then
+             # Lock aquired (setting the pid)
+             echo "$$" > ${LOCK_PID}
+             return;
+@@ -94,9 +99,13 @@
+ 
+ 
+ # Unlock function
++# Just remove the lock file if it is there, keep the lock directory
++# for later. We don't remove the directory (rm -rf is dangerous in a shell script)
+ unlock()
+ {
+-    rm -rf ${LOCK}
++	[ ! -e "${LOCK}" ]  && return 0
++	[ ! -d "${LOCK}" ]  && return 0
++	[ -e "{$LOCK_PID}" ] &&  rm -f ${LOCK_PID}
+ }
+ 
+     
+Index: pkg-ossec/src/init/ossec-server.sh
+===================================================================
+--- pkg-ossec.orig/src/init/ossec-server.sh	2012-08-28 23:07:48.000000000 +0200
++++ pkg-ossec/src/init/ossec-server.sh	2012-08-28 23:09:44.000000000 +0200
+@@ -62,9 +62,14 @@
+     
+     # Providing a lock.
+     while [ 1 ]; do
+-        mkdir ${LOCK} > /dev/null 2>&1
+-        MSL=$?
+-        if [ "${MSL}" = "0" ]; then
++	[ ! -e "${LOCK}" ] && mkdir ${LOCK} > /dev/null 2>&1
++	# Ensure we can make the LOCK properly first
++	if [ ! -d "${LOCK}" ] ; then
++		echo "ERROR: The configured lock directory ${LOCK} is not a directory or it does not exist, cannot continue" 
++		exit 1
++	fi
++	# If there is no PIDfile then we can set the pid and break
++	if [ ! -e "${LOCK_PID}" ] ; then
+             # Lock aquired (setting the pid)
+             echo "$$" > ${LOCK_PID}
+             return;
+@@ -94,12 +99,15 @@
+ 
+ 
+ # Unlock function
++# Just remove the lock file if it is there, keep the lock directory
++# for later. We don't remove the directory (rm -rf is dangerous in a shell script)
+ unlock()
+ {
+-    rm -rf ${LOCK}
++	[ ! -e "${LOCK}" ]  && return 0
++	[ ! -d "${LOCK}" ]  && return 0
++	[ -e "{$LOCK_PID}" ] &&  rm -f ${LOCK_PID}
+ }
+ 
+-    
+ # Help message
+ help()
+ {

-- 
Git repository for pkg-ossec



More information about the Pkg-ossec-devel mailing list