flock: add support for using fcntl() with open file description locks
Currently, there is no way for shell scripts to safely access
resources protected by POSIX locking (fcntl with the F_SETLK/F_SETLKW
commands). For example, the glibc function lckpwdf(), used to
protect access to the /etc/shadow database, works by taking a
F_SETLKW on /etc/.pwd.lock .
Due to the odd semantics of POSIX locking (e.g. released when any file
descriptor associated to the inode is closed), we cannot usefully
directly expose the POSIX F_SETLK/F_SETLKW commands. However, linux
3.15 introduced F_OFD_SETLK[W], with semantics wrt. ownership and
release better matching those of flock(2), and crucially they do
conflict with locks obtained via F_SETLK[W]. With this, a shell script
can do
exec 4> /etc/.pwd.lock
flock --fcntl 4
<access/modify /etc/shadow ...>
flock --fcntl --unlock 4 # or just exit
without conflicting with passwd(1) or other utilities that
access/modify /etc/shadow.
No single-letter shorthand is defined for the option, because this is
somewhat low-level and the user really needs to know what he is doing.
Also, this leaves the door open for teaching --fcntl to accept an
optional argument: "ofd", the default, and "posix", should anyone find
a use for flock(1) taking a F_SETLK[W] lock.