Bug#43529: marked as done (debian-policy: mail locking in Debian is _not_ NFS safe)
Your message dated Wed, 21 Jun 2000 18:35:15 +0100
with message-id <20000621183515.A4377@polya>
and subject line Closing NFS-safe policy bugs
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Darren Benham
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 26 Aug 1999 10:40:24 +0000
Received: (qmail 16720 invoked from network); 26 Aug 1999 10:40:23 -0000
Received: from postfix.rhein.de (193.175.27.8)
by master.debian.org with SMTP; 26 Aug 1999 10:40:23 -0000
Received: by postfix.rhein.de (Postfix, from userid 5)
id 6D8A012932; Thu, 26 Aug 1999 12:39:52 +0200 (MET DST)
Received: from luv (luv)
by aiur (rbsmtp 2.3pl8bMS);
Thu Aug 26 12:39:52 1999
using /var/spool/bsmtp/out/q05915.01.935663992
Received: from spinnaker.rhein.de (root@spinnaker.rhein.de [193.175.27.129])
by luv.rhein.de (8.9.3/8.9.3/Debian/GNU) with ESMTP id MAA17920;
Thu, 26 Aug 1999 12:27:45 +0200
Received: (from roland@localhost)
by spinnaker.rhein.de (8.9.3/8.9.3/Debian/GNU) id MAA07073;
Thu, 26 Aug 1999 12:27:43 +0200
Date: Thu, 26 Aug 1999 12:27:43 +0200
Message-Id: <199908261027.MAA07073@spinnaker.rhein.de>
From: Roland Rosenfeld <roland@spinnaker.de>
Subject: debian-policy: mail locking in Debian is _not_ NFS safe
To: submit@bugs.debian.org
X-Mailer: bug 3.2.2
Sender: roland@spinnaker.rhein.de
Package: debian-policy
Version: 3.0.1.1
Severity: important
Policy says the following about the locking of mail:
All Debian MUAs and MTAs have to use the `maillock' and `mailunlock'
functions provided by the `liblockfile' packages to lock and unlock
mail boxes. These functions implement a NFS-safe locking mechanism.
(It is ok if MUAs and MTAs don't link against liblockfile but use a
_compatible_ mechanism. Please compare the mechanisms very carefully!)
The problem with this is, that liblockfile is not NFS-safe when the
client machine runs Linux 2.2.*. The cause of this is the following:
liblockfile uses dotlocking only (no fcntl()).
Linux 2.2.* caches files over NFS, so a client may not notice that the
file was changed on the server, which may lead to the problem, that
the client overwrites a mail folder, where the MDA on the server may
have appended a mail just the moment before.
The solution for this problem is to use fcntl(), because Linux 2.2.*
flushes the cache of a file in the moment when it is locked using
fcntl().
But only fcntl() locking is not enough, because Linux 2.0.* doesn't
support this over NFS and then we have no locking over NFS.
The correct solution for this problem is to combine fcntl() and dot
locking.
The problem with combining these two locking types is, that we may run
into a dead lock, if two programs use a different order of the two
locking methods.
The way out here is to _define_ a special order of the two lockings
(either in the policy or in the reference implementation) or to
implement them in a way, which solves dead locks itself (instead of
locking with one mechanism, and then waiting for the 2nd lock to be
established, it could temporarily undo the first lock and try again
both locks after a (random) sleep, so deadlocks are avoided).
I don't know how the different programs (MDAs, MUAs, IMAPd, popd,...)
handle this, but most of them seem to implement locking themselves
instead of using liblockfile. So the problem is, that we have to
change many packages. But this has to be done, because the use of
dotlock only is a bug which causes mail loss.
What's the correct way to solve this problem now? In Bug#43491
(against liblockfile1) I proposed to simply change the reference
implementation (it is broken, because it is not NFS safe as the policy
expects), but the maintainer of liblockfile first wants a list of all
programs with their order of fcntl and dotlock (if both would be
enabled). I personally do not have the time for this investigation,
but I think that this problem has to be fixed before the next release
(which will come with Linux 2.2.*). So maybe someone else wants to
compile this list? Or maybe someone knows what the most often used
order of these locking methods is or wants to define "our" preferred
order?
Ciao
Roland
-- System Information
Debian Release: potato
Kernel Version: Linux spinnaker 2.2.11 #1 Don Aug 19 22:41:08 CEST 1999 i586 unknown
---------------------------------------
Received: (at 43529-done) by bugs.debian.org; 21 Jun 2000 18:20:25 +0000
>From J.D.Gilbey@qmw.ac.uk Wed Jun 21 13:20:25 2000
Return-path: <J.D.Gilbey@qmw.ac.uk>
Received: from mserv1c.u-net.net [195.102.240.33]
by master.debian.org with esmtp (Exim 3.12 2 (Debian))
id 134p6v-0002F0-00; Wed, 21 Jun 2000 13:20:25 -0500
Received: from [195.102.197.253] (helo=polya)
by mserv1c.u-net.net with esmtp (Exim 2.10 #35)
id 134p5j-00049B-00; Wed, 21 Jun 2000 19:19:12 +0100
Received: from jdg by polya with local (Exim 3.12 #1 (Debian))
id 134oPD-00018h-00; Wed, 21 Jun 2000 18:35:15 +0100
Date: Wed, 21 Jun 2000 18:35:15 +0100
From: Julian Gilbey <J.D.Gilbey@qmw.ac.uk>
To: 31441-done@bugs.debian.org, 43529-done@bugs.debian.org
Subject: Closing NFS-safe policy bugs
Message-ID: <20000621183515.A4377@polya>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
User-Agent: Mutt/1.0.1i
Delivered-To: 43529-done@bugs.debian.org
The dotlock + flock mailbox locking combination is already required
for MTAs, MUAs etc in policy 3.1.1.1. So I'm closing these bug
reports. If mutt still suffers from these problems, please reopen the
relevant bug and reassign it to mutt. (Instructions in
/usr/doc/debian.)
Julian
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Julian Gilbey, Dept of Maths, QMW, Univ. of London. J.D.Gilbey@qmw.ac.uk
Debian GNU/Linux Developer, see http://www.debian.org/~jdg
Donate free food to the world's hungry: see http://www.thehungersite.com/
Reply to: