From 27671216d589381fd6b0e4b0386f61fc6aa6be5d Mon Sep 17 00:00:00 2001
From: Stefan Schantl <stefan.schantl@ipfire.org>
Date: Sun, 27 Jun 2021 19:22:24 +0200
Subject: [PATCH] update-ids-ruleset: Early exit script if lockfile exists.

This prevents from running the script while the WUI is performing
operations at the same time or to launch multiple instances of the
script.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
---
 src/scripts/update-ids-ruleset | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/src/scripts/update-ids-ruleset b/src/scripts/update-ids-ruleset
index 3a3f17443e..10a2709074 100644
--- a/src/scripts/update-ids-ruleset
+++ b/src/scripts/update-ids-ruleset
@@ -42,6 +42,17 @@ if ( $> == 0 ) {
 	POSIX::setuid( $uid );
 }
 
+# Check if the IDS lock file exists.
+# In this case the WUI or another instance currently is altering the
+# ruleset.
+if (-f "$IDS::ids_page_lock_file") {
+	# Store notice to the syslog.
+	&IDS::_log_to_syslog("Another process currently is altering the IDS ruleset.");
+
+	# Exit.
+	exit 0;
+}
+
 # Check if the red device is active.
 unless (-e "${General::swroot}/red/active") {
 	# Store notice in the syslog.
-- 
2.39.5