Package: aide Version: 0.11a-3 Severity: normal Tags: patch Use of /var/run/aide.lock breaks non-root use of aide.
aide --config=$HOME/aide/conf --update dotlockfile: /var/run/aide.lock: permission denied cannot obtain lock /var/run/aide.lock, stale lock? I suggest also using a lockfile only if no --config is given by the user. Also, printing a message when a user is using --config is not expected. I would like to see the message removed. Also when using $@ you almost always want "$@". And passing raw arguments to echo can open up possibility of problems there. How about this? #!/bin/sh # # Perform update-aide.conf call before calling aide, since the autogenerated # configuration is now the default config file PATH="/usr/sbin:/sbin:/usr/bin:/bin" LOCKFILE="/var/run/aide.lock" pathfind() { OLDIFS="$IFS" IFS=: for p in $PATH; do if [ -x "$p/$*" ]; then IFS="$OLDIFS" return 0 fi done IFS="$OLDIFS" return 1 } dotlocked=false if ! printf "%b\n" "$*" | grep -q -e --config; then if which dotlockfile >/dev/null 2>&1; then if ! dotlockfile -p -l $LOCKFILE; then echo >&2 "cannot obtain lock $LOCKFILE, stale lock?" exit 1 fi dotlocked=true else echo >&2 "no dotlockfile binary in path, not checking for already running aide" fi update-aide.conf fi /usr/bin/aide.real "$@" if dotlocked; then dotlockfile -u $LOCKFILE fi I am not quite happy with the grep test for a --config option because it ignores the -c possibility. But without doing a full getopts parsing it is difficult to get this completely correct. Bob -- Bob Proulx <[EMAIL PROTECTED]> http://www.proulx.com/~bob/ -- System Information: Debian Release: 3.1 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]