From: Stefan Schantl Date: Thu, 3 Mar 2022 04:49:43 +0000 (+0100) Subject: update-ids-ruleset: Always drop the lock file if it has been created during runtime. X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=a956712e75643a4581da8246cef4135a31660746;p=people%2Fms%2Fipfire-2.x.git update-ids-ruleset: Always drop the lock file if it has been created during runtime. In some situations or if an error happened, the lock file could be keep on the system. In such a case the IDS page would be locked forever until user interaction or reboot of the system. Now the script checks if it has created such a lock and release it when the script exists. Signed-off-by: Stefan Schantl Reviewed-by: Michael Tremer Acked-by: Peter Müller --- diff --git a/src/scripts/update-ids-ruleset b/src/scripts/update-ids-ruleset index b3974528dc..8c5fd37a1b 100644 --- a/src/scripts/update-ids-ruleset +++ b/src/scripts/update-ids-ruleset @@ -26,6 +26,9 @@ require '/var/ipfire/general-functions.pl'; require "${General::swroot}/ids-functions.pl"; require "${General::swroot}/lang.pl"; +# Variable to store if the process has written a lockfile. +my $locked; + # Hash to store the configured providers. my %providers = (); @@ -77,6 +80,9 @@ if(&IDS::checkdiskspace()) { # Lock the IDS page. &IDS::lock_ids_page(); +# The script has requested a lock, so set locket to "1". +$locked = "1"; + # Grab the configured providers. &General::readhasharray("$IDS::providers_settings_file", \%providers); @@ -114,13 +120,20 @@ foreach my $id (keys %providers) { # Set correct ownership for the rulesdir and files. &IDS::set_ownership("$IDS::rulespath"); -# Unlock the IDS page. -&IDS::unlock_ids_page(); - # Check if the IDS is running. if(&IDS::ids_is_running()) { # Call suricatactrl to perform a reload. &IDS::call_suricatactrl("reload"); } +# Custom END declaration to release a IDS page lock +# when the script has created one. +END { + # Check if a lock has been requested. + if ($locked) { + # Unlock the IDS page. + &IDS::unlock_ids_page(); + } +} + 1;