On Tue, 2012-02-14 at 10:45 -0500, Stephen Gallagher wrote: > On Mon, 2012-02-13 at 15:42 +0100, Jan Cholasta wrote: > > Additionally, don't drop the connection when the sss_ssh_knownhostsproxy > > process receives a signal. > > > > https://fedorahosted.org/sssd/ticket/1179 > > https://fedorahosted.org/sssd/ticket/1184 > > Nack. > > Writing to the known_hosts file directly is unsafe. Please use mkstemp() > (with umask set appropriately) to create a new temporary file. Then you > can rename() the file once it's complete, which is effectively an atomic > action on the filesystem (existing applications will keep their pointer > to the old file safely until they close it and reopen the new one).
make sure you create the temp file in the same directory not in /tmp, that means mkstemp() is probably not necessary as there is no race in ~/.ssh Simo. -- Simo Sorce * Red Hat, Inc * New York _______________________________________________ sssd-devel mailing list [email protected] https://fedorahosted.org/mailman/listinfo/sssd-devel
