Package: aide-common
Version: 0.16-1
Severity: wishlist


please consider using dotlockfile -p -r 0 -l $LOCKFILE in the wrapper.
The current setting will retry to obtain the lock, which is probably
not intended behavior if a manual aide run prevents the cron-job from

I have lost my aide database in the following situation:

- I boot up a VM that was not running during cron.daily time
- I upgrade the kernel
- I reboot before anacron starts cron.daily
- After the reboot, I invoke aide.wrapper --update to refresh the
- during this operation, anacron starts cron.daily, aide's cron job
  cannot obtain the lock because the manually started aide cron job
  holds it. the cron.daily wrapper waits.
- The manual aide run ends, the cron.daily aide run obtains the lock
  and begins running. In this process, is truncated to zero
- I review the log from the manual aide run, find it ok, and copy the
  (zero length) to aide.db.

=> boom, database lost.

I think it is the lesser evil to not have the cron job wait for the
aide lock and have it bomb out immediately.


Reply via email to