Protect user db with flock

2025-08-03 09:34:33 +02:00 · 2019-08-01 19:39:25 +02:00 · 2019-08-01 19:39:25 +02:00 · 81e9c7dcff
commit 81e9c7dcff
parent d6861881ab
5 changed files with 68 additions and 38 deletions
--- a/target/bin/addmailuser
+++ b/target/bin/addmailuser
@ -22,13 +22,20 @@ escape() {
 [ -z "$USER" ] && { usage; errex "no username specified"; }
 expr index "$USER" "@" >/dev/null || { usage; errex "username must include the domain"; }

-grep -qi "^$(escape "$USER")|" $DATABASE 2>/dev/null &&
-	errex "User \"$USER\" already exists"
+# Protect config file with lock to avoid race conditions
+touch $DATABASE
+( 
+  flock -e 200

-if [ -z "$PASSWD" ]; then
-	read -s -p "Enter Password: " PASSWD
-	echo
-	[ -z "$PASSWD" ] && errex "Password must not be empty"
-fi
-HASH="$(doveadm pw -s SHA512-CRYPT -u "$USER" -p "$PASSWD")"
-echo "$USER|$HASH" >> $DATABASE
+  grep -qi "^$(escape "$USER")|" $DATABASE 2>/dev/null &&
+    errex "User \"$USER\" already exists"
+
+  if [ -z "$PASSWD" ]; then
+    read -s -p "Enter Password: " PASSWD
+    echo
+    [ -z "$PASSWD" ] && errex "Password must not be empty"
+  fi
+
+  HASH="$(doveadm pw -s SHA512-CRYPT -u "$USER" -p "$PASSWD")"
+  echo "$USER|$HASH" >> $DATABASE
+) 200<$DATABASE