On Thu, Oct 29, 2009 at 07:37:55AM +0100, Robert Felber wrote:
> On Thu, Oct 29, 2009 at 12:20:40PM +1100, Morgan Weetman wrote:
> > Hi,
> > 
> >   I wasn't sure what the process was to submit updates to polw, if you
> > could please let me know.
> 
> You can release it on sourceforge and I'll include it on policyd-weight.org.


First,

 is it okay to keep line-breaks as is, resp. to format it for 80-char
displays? It's otherwise hard to read. Also, as a suggestion: format the
code at a black-bg,white-fg-terminal without syntax-highlighting. That's
why I kept those long 

#
# #############################################################################
#

lines.



Second,

 code:

I don't see the reason for the massive change.

If no cache process exists, every process is allowed to create one.
In the start-phase of policyd-weight or in case of a death of a cache
this could mean a couple of hundred cache-processes trying to start up. If you
let them sit around by sleeping 2 seconds, you will cause a fork problem 
(imagine 20 or 30 smtp requests per second).
They have to return undef, and non verbose instantly if they detect that other
caches are ahead.

As soon as a cache is successfully forked, it does delete the lockfile.

A stale socket will always be deleted.


In order to make sure that there is no stale lock-file at the beginning of
the world we could remove an existing lock-dir before (like):

line: 1152
+ # a cache-lock-file shouldn't be there yet
+ if( -d $LOCKPATH.'/cache_lock )
+ {
+    unlink $LOCKPATH.'/cache_lock;
+ }
cache_query("start"); # pre-launch cache
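Review bot: Both added string literals, `$LOCKPATH.'/cache_lock` in the `if` test and in the `unlink` call, are missing their closing single quote, so the snippet will not compile; close them as `'/cache_lock'`. The test is `-d` (a directory) but the removal uses `unlink`, which does not remove directories in Perl; since the lock is created with mkdir, use `rmdir` instead and check its return value, logging `$!` on failure so that a stale lock which could not be removed is visible. The separate `-d` test can then be dropped: calling `rmdir` directly and ignoring a "no such file" error avoids the gap between the test and the removal.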


Rationale: the master/child have to control when to start caches. As such
it is their, in this case the master's, responsibility to take precautions
for a clean environment.

If a cache crashes between 'mkdir lock' and 'rmdir lock' then it
has to be logged.


Also, for such things that concern security and robustness, I'd suggest that
we talk first about it. I haven't included it on policyd-weight.org because
of the 2-seconds-of-vague-sleep, which really shouldn't be there.

We should also start to sign the changes made in changes.txt.
Or maybe use the sourceforge SVN.

-- 
    Robert Felber (PGP: 896CF30B)
    Munich, Germany

____________________________________________________________
Policyd-weight Mailinglist - http://www.policyd-weight.org/
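
The locking behaviour argued for in the message above (losers return undef at once and silently, the cache removes the lock once it is forked, real failures are logged), as an added sketch that is not policyd-weight's code. `$LOCKDIR`, `try_cache_lock`, `release_cache_lock` and `spawn_cache` are hypothetical names, and the lock path is a constructed temporary directory.

```perl
#!/usr/bin/perl
# Added example, not policyd-weight code; all names below are hypothetical.
use strict;
use warnings;
use Errno qw(EEXIST);
use File::Temp qw(tempdir);
use POSIX qw(_exit);

my $LOCKDIR = tempdir(CLEANUP => 1) . '/cache_lock';    # constructed path

# mkdir is atomic: exactly one caller can create the directory.
# Returns 1 if we own the lock, undef otherwise. It never sleeps.
sub try_cache_lock {
    return 1 if mkdir $LOCKDIR, 0700;
    return undef if $!{EEXIST};      # another process is ahead: back off silently
    warn "cache: cannot create lock $LOCKDIR: $!\n";    # anything else is logged
    return undef;
}

sub release_cache_lock {
    rmdir $LOCKDIR or warn "cache: cannot remove lock $LOCKDIR: $!\n";
}

# Start a cache only if we win the lock; the forked cache removes the lock.
sub spawn_cache {
    try_cache_lock() or return undef;
    my $pid = fork();
    if (!defined $pid) {
        warn "cache: fork failed: $!\n";
        release_cache_lock();        # do not leave a stale lock behind
        return undef;
    }
    if ($pid == 0) {
        release_cache_lock();        # cache is forked, so the lock goes away
        # a real cache would create its socket and serve requests here
        _exit(0);                    # skip END blocks inherited from the parent
    }
    waitpid($pid, 0);                # demo only: reap the stand-in child
    return $pid;
}

# Constructed run: with the lock already held, the caller backs off instantly.
mkdir $LOCKDIR, 0700 or die "setup: $!";
print "contended: ", (defined spawn_cache() ? "started" : "undef"), "\n";
rmdir $LOCKDIR or die "cleanup: $!";
print "free:      ", (defined spawn_cache() ? "started" : "undef"), "\n";
```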
