init: implement locking

First, we use flock(2) to wait on parallel public-inbox-init(1)
invocations while we make multiple changes using git-config(1).
This flock allows -init processes to wait on each other if using
reasonable POSIX filesystems.

Then, we also need a git-config(1)-compatible lock to prevent
user-invoked git-config(1) processes from clobbering our
changes while we're holding the flock.

diff --git a/script/public-inbox-init b/script/public-inbox-init
index 39f2a067a20e21446e7561fe5240c3280253f762..8fd2f9dc2f5c490cb8325dbd8b6b74b91febd5be 100755 (executable)
--- a/script/public-inbox-init
+++ b/script/public-inbox-init
@@ -12,8 +12,10 @@ PublicInbox::Admin::require_or_die('-base');
 require PublicInbox::Config;
 require PublicInbox::InboxWritable;
 use File::Temp qw/tempfile/;
+use PublicInbox::Lock;
 use File::Basename qw/dirname/;
 use File::Path qw/mkpath/;
+use Fcntl qw(:DEFAULT);
 use Cwd qw/abs_path/;
 
 sub x { system(@_) and die join(' ', @_). " failed: $?\n" }
@@ -38,7 +40,29 @@ my %seen;
 my $pi_config = PublicInbox::Config->default_file;
 my $dir = dirname($pi_config);
 mkpath($dir); # will croak on fatal errors
+
+# first, we grab a flock to prevent simultaneous public-inbox-init
+# processes from trampling over each other, or exiting with 255 on
+# O_EXCL failure below.  This gets unlocked automatically on exit:
+my $lock_obj = { lock_path => "$pi_config.flock" };
+PublicInbox::Lock::lock_acquire($lock_obj);
+
+# git-config will operate on this (and rename on success):
 my ($fh, $pi_config_tmp) = tempfile('pi-init-XXXXXXXX', DIR => $dir);
+
+# Now, we grab another lock to use git-config(1) locking, so it won't
+# wait on the lock, unlike some of our internal flock()-based locks.
+# This is to prevent direct git-config(1) usage from clobbering our
+# changes.
+my $lockfile = "$pi_config.lock";
+my $lockfh;
+sysopen($lockfh, $lockfile, O_RDWR|O_CREAT|O_EXCL) or do {
+       $lockfh = undef;
+       warn "could not open config file: $lockfile: $!\n";
+       exit(255);
+};
+END { unlink($lockfile) if $lockfh };
+
 my $perm;
 if (-e $pi_config) {
        open(my $oh, '<', $pi_config) or die "unable to read $pi_config: $!\n";

diff --git a/t/init.t b/t/init.t
index 667b09fee902caaa8098afee342627a19ca1704d..0cd6f31fe073c2057bb9df6e03ceb3a6aead9a63 100644 (file)
--- a/t/init.t
+++ b/t/init.t
@@ -10,6 +10,8 @@ my $tmpdir = tempdir('pi-init-XXXXXX', TMPDIR => 1, CLEANUP => 1);
 use constant pi_init => 'blib/script/public-inbox-init';
 use PublicInbox::Import;
 use File::Basename;
+use PublicInbox::Spawn qw(spawn);
+use Cwd qw(getcwd);
 open my $null, '>>', '/dev/null';
 my $rdr = { 2 => fileno($null) };
 sub quiet_fail {
@@ -47,6 +49,16 @@ sub quiet_fail {
        @cmd = (pi_init, 'clist', '-V2', "$tmpdir/clist",
                   qw(http://example.com/clist clist@example.com));
        quiet_fail(\@cmd, 'attempting to init V2 from V1 fails');
+
+       open my $lock, '+>', "$cfgfile.lock" or die;
+       @cmd = (getcwd(). '/'. pi_init, 'lock', "$tmpdir/lock",
+               qw(http://example.com/lock lock@example.com));
+       ok(-e "$cfgfile.lock", 'lock exists');
+       my $pid = spawn(\@cmd, undef, $rdr);
+       is(waitpid($pid, 0), $pid, 'lock init failed');
+       is($? >> 8, 255, 'got expected exit code on lock failure');
+       ok(unlink("$cfgfile.lock"),
+               '-init did not unlink lock on failure');
 }
 
 SKIP: {