This was briefly discussed last week, but no conclusion was reached. How should modules lock files? passwd/shadow are the main concerns. We need to try to be compatible with other software, which can be difficult to impossible. There are a few options: flock(2) - not 100% reliable on some filesystems, but pretty good. fcntl(2) - looks good. lckpwdf(3) - undocumented, does it protect /etc/shadow? lckpwdf(pam_unix) - would be pam specific, ties up SIGALRM others? Perhaps a combination of these things is needed to at least attempt to maintain compatibility with other software, but then again these functions may be mutually exclusive on some systems. For now I'm just using pam_unix's method of falling back on it's own code if the system doesn't have lckpwdf(3). However, this reserves SIGALRM in threaded applications that make use of PAM, which means they shouldn't (read: can't) use sleep(3). We should come up with a good solutions and document it in the module writers guide. I personally don't have any brilliant proposals, nor will I ever since I don't do any coding on some of the systems Linux-PAM runs on (Ultrix, AIX, HP-UX, OSX, ...) The next problem is read locking vs write locking. To read such files is it neccisary to call lckpwdf (if that's what we use). You would have to because it's the only way to prevent another process/thread from writing to your file. An fcntl() or flock() solution would solve this, but that may be impossible depending on compatibility concerns. Such a paradox. - Adam Slattery
