1 /* Lock files for editing.
2 Copyright (C) 1985, 86, 87, 93, 94, 96, 98, 1999 Free Software Foundation, Inc.
4 This file is part of GNU Emacs.
6 GNU Emacs is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2, or (at your option)
11 GNU Emacs is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with GNU Emacs; see the file COPYING. If not, write to
18 the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
19 Boston, MA 02111-1307, USA. */
22 #include <sys/types.h>
45 #include <sys/types.h>
46 #include <sys/sysctl.h>
47 #endif /* __FreeBSD__ */
61 #ifdef CLASH_DETECTION
65 /* A file whose last-modified time is just after the most recent boot.
66 Define this to be NULL to disable checking for this file. */
67 #ifndef BOOT_TIME_FILE
68 #define BOOT_TIME_FILE "/var/run/random-seed"
72 #define WTMP_FILE "/var/log/wtmp"
75 /* The strategy: to lock a file FN, create a symlink .#FN in FN's
76 directory, with link data `user@host.pid'. This avoids a single
77 mount (== failure) point for lock files.
79 When the host in the lock data is the current host, we can check if
80 the pid is valid with kill.
82 Otherwise, we could look at a separate file that maps hostnames to
83 reboot times to see if the remote pid can possibly be valid, since we
84 don't want Emacs to have to communicate via pipes or sockets or
85 whatever to other processes, either locally or remotely; rms says
86 that's too unreliable. Hence the separate file, which could
87 theoretically be updated by daemons running separately -- but this
88 whole idea is unimplemented; in practice, at least in our
89 environment, it seems such stale locks arise fairly infrequently, and
90 Emacs' standard methods of dealing with clashes suffice.
92 We use symlinks instead of normal files because (1) they can be
93 stored more efficiently on the filesystem, since the kernel knows
94 they will be small, and (2) all the info about the lock can be read
95 in a single system call (readlink). Although we could use regular
96 files to be useful on old systems lacking symlinks, nowadays
97 virtually all such systems are probably single-user anyway, so it
98 didn't seem worth the complication.
100 Similarly, we don't worry about a possible 14-character limit on
101 file names, because those are all the same systems that don't have
104 This is compatible with the locking scheme used by Interleaf (which
105 has contributed this implementation for Emacs), and was designed by
106 Ethan Jacobson, Kimbo Mundy, and others.
108 --karl@cs.umb.edu/karl@hq.ileaf.com. */
111 /* Return the time of the last system boot. */
113 static time_t boot_time
;
114 static int boot_time_initialized
;
116 extern Lisp_Object Vshell_file_name
;
123 if (boot_time_initialized
)
125 boot_time_initialized
= 1;
127 #if defined (CTL_KERN) && defined (KERN_BOOTTIME)
131 struct timeval boottime_val
;
134 mib
[1] = KERN_BOOTTIME
;
135 size
= sizeof (boottime_val
);
137 if (sysctl (mib
, 2, &boottime_val
, &size
, NULL
, 0) >= 0)
139 boot_time
= boottime_val
.tv_sec
;
143 #endif /* defined (CTL_KERN) && defined (KERN_BOOTTIME) */
148 if (stat (BOOT_TIME_FILE
, &st
) == 0)
150 boot_time
= st
.st_mtime
;
155 #if defined (BOOT_TIME) && ! defined (NO_WTMP_FILE)
157 /* The utmp routines maintain static state.
158 Don't touch that state unless we are initialized,
159 since it might not survive dumping. */
162 #endif /* not CANNOT_DUMP */
164 /* Try to get boot time from utmp before wtmp,
165 since utmp is typically much smaller than wtmp.
166 Passing a null pointer causes get_boot_time_1
167 to inspect the default file, namely utmp. */
168 get_boot_time_1 ((char *) 0, 0);
172 /* Try to get boot time from the current wtmp file. */
173 get_boot_time_1 (WTMP_FILE
, 1);
175 /* If we did not find a boot time in wtmp, look at wtmp, and so on. */
176 for (counter
= 0; counter
< 20 && ! boot_time
; counter
++)
178 char cmd_string
[100];
179 Lisp_Object tempname
, filename
;
184 sprintf (cmd_string
, "%s.%d", WTMP_FILE
, counter
);
185 tempname
= build_string (cmd_string
);
186 if (! NILP (Ffile_exists_p (tempname
)))
190 sprintf (cmd_string
, "%s.%d.gz", WTMP_FILE
, counter
);
191 tempname
= build_string (cmd_string
);
192 if (! NILP (Ffile_exists_p (tempname
)))
195 tempname
= Fmake_temp_name (build_string ("wtmp"));
196 args
[0] = Vshell_file_name
;
200 args
[4] = build_string ("-c");
201 sprintf (cmd_string
, "gunzip < %s.%d.gz > %s",
202 WTMP_FILE
, counter
, XSTRING (tempname
)->data
);
203 args
[5] = build_string (cmd_string
);
204 Fcall_process (6, args
);
210 if (! NILP (filename
))
212 get_boot_time_1 (XSTRING (filename
)->data
, 1);
214 unlink (XSTRING (filename
)->data
);
225 /* Try to get the boot time from wtmp file FILENAME.
226 This succeeds if that file contains a reboot record.
228 If FILENAME is zero, use the same file as before;
229 if no FILENAME has ever been specified, this is the utmp file.
230 Use the newest reboot record if NEWEST is nonzero,
231 the first reboot record otherwise.
232 Ignore all reboot records on or before BOOT_TIME.
233 Success is indicated by setting BOOT_TIME to a larger value. */
235 get_boot_time_1 (filename
, newest
)
239 struct utmp ut
, *utp
;
244 /* On some versions of IRIX, opening a nonexistent file name
245 is likely to crash in the utmp routines. */
246 desc
= open (filename
, O_RDONLY
);
259 /* Find the next reboot record. */
260 ut
.ut_type
= BOOT_TIME
;
264 /* Compare reboot times and use the newest one. */
265 if (utp
->ut_time
> boot_time
)
267 boot_time
= utp
->ut_time
;
271 /* Advance on element in the file
272 so that getutid won't repeat the same one. */
279 #endif /* BOOT_TIME */
281 /* Here is the structure that stores information about a lock. */
291 /* When we read the info back, we might need this much more,
292 enough for decimal representation plus null. */
293 #define LOCK_PID_MAX (4 * sizeof (unsigned long))
295 /* Free the two dynamically-allocated pieces in PTR. */
296 #define FREE_LOCK_INFO(i) do { xfree ((i).user); xfree ((i).host); } while (0)
299 /* Write the name of the lock file for FN into LFNAME. Length will be
300 that of FN plus two more for the leading `.#' plus one for the null. */
301 #define MAKE_LOCK_NAME(lock, file) \
302 (lock = (char *) alloca (STRING_BYTES (XSTRING (file)) + 2 + 1), \
303 fill_in_lock_file_name (lock, (file)))
306 fill_in_lock_file_name (lockfile
, fn
)
307 register char *lockfile
;
308 register Lisp_Object fn
;
312 strcpy (lockfile
, XSTRING (fn
)->data
);
314 /* Shift the nondirectory part of the file name (including the null)
315 right two characters. Here is one of the places where we'd have to
316 do something to support 14-character-max file names. */
317 for (p
= lockfile
+ strlen (lockfile
); p
!= lockfile
&& *p
!= '/'; p
--)
320 /* Insert the `.#'. */
325 /* Lock the lock file named LFNAME.
326 If FORCE is nonzero, we do so even if it is already locked.
327 Return 1 if successful, 0 if not. */
330 lock_file_1 (lfname
, force
)
340 if (STRINGP (Fuser_login_name (Qnil
)))
341 user_name
= (char *)XSTRING (Fuser_login_name (Qnil
))->data
;
344 if (STRINGP (Fsystem_name ()))
345 host_name
= (char *)XSTRING (Fsystem_name ())->data
;
348 lock_info_str
= (char *)alloca (strlen (user_name
) + strlen (host_name
)
351 boot_time
= get_boot_time ();
353 sprintf (lock_info_str
, "%s@%s.%lu:%lu", user_name
, host_name
,
354 (unsigned long) getpid (), (unsigned long) boot_time
);
356 sprintf (lock_info_str
, "%s@%s.%lu", user_name
, host_name
,
357 (unsigned long) getpid ());
359 err
= symlink (lock_info_str
, lfname
);
360 if (errno
== EEXIST
&& force
)
363 err
= symlink (lock_info_str
, lfname
);
369 /* Return 1 if times A and B are no more than one second apart. */
372 within_one_second (a
, b
)
375 return (a
- b
>= -1 && a
- b
<= 1);
378 /* Return 0 if nobody owns the lock file LFNAME or the lock is obsolete,
379 1 if another process owns it (and set OWNER (if non-null) to info),
380 2 if the current process owns it,
381 or -1 if something is wrong with the locking mechanism. */
384 current_lock_owner (owner
, lfname
)
385 lock_info_type
*owner
;
389 extern char *rindex (), *index ();
393 char *at
, *dot
, *colon
;
396 /* Read arbitrarily-long contents of symlink. Similar code in
397 file-symlink-p in fileio.c. */
401 lfinfo
= (char *) xrealloc (lfinfo
, bufsize
);
402 len
= readlink (lfname
, lfinfo
, bufsize
);
404 while (len
>= bufsize
);
406 /* If nonexistent lock file, all is well; otherwise, got strange error. */
410 return errno
== ENOENT
? 0 : -1;
413 /* Link info exists, so `len' is its length. Null terminate. */
416 /* Even if the caller doesn't want the owner info, we still have to
417 read it to determine return value, so allocate it. */
420 owner
= (lock_info_type
*) alloca (sizeof (lock_info_type
));
424 /* Parse USER@HOST.PID:BOOT_TIME. If can't parse, return -1. */
425 /* The USER is everything before the first @. */
426 at
= index (lfinfo
, '@');
427 dot
= rindex (lfinfo
, '.');
434 owner
->user
= (char *) xmalloc (len
+ 1);
435 strncpy (owner
->user
, lfinfo
, len
);
436 owner
->user
[len
] = 0;
438 /* The PID is everything from the last `.' to the `:'. */
439 owner
->pid
= atoi (dot
+ 1);
441 while (*colon
&& *colon
!= ':')
443 /* After the `:', if there is one, comes the boot time. */
445 owner
->boot_time
= atoi (colon
+ 1);
447 owner
->boot_time
= 0;
449 /* The host is everything in between. */
451 owner
->host
= (char *) xmalloc (len
+ 1);
452 strncpy (owner
->host
, at
+ 1, len
);
453 owner
->host
[len
] = 0;
455 /* We're done looking at the link info. */
458 /* On current host? */
459 if (STRINGP (Fsystem_name ())
460 && strcmp (owner
->host
, XSTRING (Fsystem_name ())->data
) == 0)
462 if (owner
->pid
== getpid ())
463 ret
= 2; /* We own it. */
464 else if (owner
->pid
> 0
465 && (kill (owner
->pid
, 0) >= 0 || errno
== EPERM
)
466 && (owner
->boot_time
== 0
467 || within_one_second (owner
->boot_time
, get_boot_time ())))
468 ret
= 1; /* An existing process on this machine owns it. */
469 /* The owner process is dead or has a strange pid (<=0), so try to
471 else if (unlink (lfname
) < 0)
477 { /* If we wanted to support the check for stale locks on remote machines,
478 here's where we'd do it. */
483 if (local_owner
|| ret
<= 0)
485 FREE_LOCK_INFO (*owner
);
491 /* Lock the lock named LFNAME if possible.
492 Return 0 in that case.
493 Return positive if some other process owns the lock, and info about
494 that process in CLASHER.
495 Return -1 if cannot lock for any other reason. */
498 lock_if_free (clasher
, lfname
)
499 lock_info_type
*clasher
;
500 register char *lfname
;
502 while (lock_file_1 (lfname
, 0) == 0)
509 locker
= current_lock_owner (clasher
, lfname
);
512 FREE_LOCK_INFO (*clasher
);
513 return 0; /* We ourselves locked it. */
515 else if (locker
== 1)
516 return 1; /* Someone else has it. */
517 else if (locker
== -1)
518 return -1; /* current_lock_owner() returned strange error */
520 /* We deleted a stale lock; try again to lock the file. */
525 /* lock_file locks file FN,
526 meaning it serves notice on the world that you intend to edit that file.
527 This should be done only when about to modify a file-visiting
528 buffer previously unmodified.
529 Do not (normally) call this for a buffer already modified,
530 as either the file is already locked, or the user has already
531 decided to go ahead without locking.
533 When this returns, either the lock is locked for us,
534 or the user has said to go ahead without locking.
536 If the file is locked by someone else, this calls
537 ask-user-about-lock (a Lisp function) with two arguments,
538 the file name and info about the user who did the locking.
539 This function can signal an error, or return t meaning
540 take away the lock, or return nil meaning ignore the lock. */
546 register Lisp_Object attack
, orig_fn
, encoded_fn
;
547 register char *lfname
, *locker
;
548 lock_info_type lock_info
;
550 /* Don't do locking while dumping Emacs.
551 Uncompressing wtmp files uses call-process, which does not work
552 in an uninitialized Emacs. */
553 if (! NILP (Vpurify_flag
))
557 fn
= Fexpand_file_name (fn
, Qnil
);
558 encoded_fn
= ENCODE_FILE (fn
);
560 /* Create the name of the lock-file for file fn */
561 MAKE_LOCK_NAME (lfname
, encoded_fn
);
563 /* See if this file is visited and has changed on disk since it was
566 register Lisp_Object subject_buf
;
569 subject_buf
= get_truename_buffer (orig_fn
);
572 if (!NILP (subject_buf
)
573 && NILP (Fverify_visited_file_modtime (subject_buf
))
574 && !NILP (Ffile_exists_p (fn
)))
575 call1 (intern ("ask-user-about-supersession-threat"), fn
);
580 /* Try to lock the lock. */
581 if (lock_if_free (&lock_info
, lfname
) <= 0)
582 /* Return now if we have locked it, or if lock creation failed */
585 /* Else consider breaking the lock */
586 locker
= (char *) alloca (strlen (lock_info
.user
) + strlen (lock_info
.host
)
588 sprintf (locker
, "%s@%s (pid %lu)", lock_info
.user
, lock_info
.host
,
590 FREE_LOCK_INFO (lock_info
);
592 attack
= call2 (intern ("ask-user-about-lock"), fn
, build_string (locker
));
594 /* User says take the lock */
596 lock_file_1 (lfname
, 1);
599 /* User says ignore the lock */
604 register Lisp_Object fn
;
606 register char *lfname
;
608 fn
= Fexpand_file_name (fn
, Qnil
);
609 fn
= ENCODE_FILE (fn
);
611 MAKE_LOCK_NAME (lfname
, fn
);
613 if (current_lock_owner (0, lfname
) == 2)
620 register Lisp_Object tail
;
621 register struct buffer
*b
;
623 for (tail
= Vbuffer_alist
; GC_CONSP (tail
); tail
= XCONS (tail
)->cdr
)
625 b
= XBUFFER (XCONS (XCONS (tail
)->car
)->cdr
);
626 if (STRINGP (b
->file_truename
) && BUF_SAVE_MODIFF (b
) < BUF_MODIFF (b
))
628 register char *lfname
;
630 MAKE_LOCK_NAME (lfname
, b
->file_truename
);
632 if (current_lock_owner (0, lfname
) == 2)
638 DEFUN ("lock-buffer", Flock_buffer
, Slock_buffer
,
640 "Lock FILE, if current buffer is modified.\n\
641 FILE defaults to current buffer's visited file,\n\
642 or else nothing is done if current buffer isn't visiting a file.")
647 file
= current_buffer
->file_truename
;
649 CHECK_STRING (file
, 0);
650 if (SAVE_MODIFF
< MODIFF
656 DEFUN ("unlock-buffer", Funlock_buffer
, Sunlock_buffer
,
658 "Unlock the file visited in the current buffer,\n\
659 if it should normally be locked.")
662 if (SAVE_MODIFF
< MODIFF
663 && STRINGP (current_buffer
->file_truename
))
664 unlock_file (current_buffer
->file_truename
);
668 /* Unlock the file visited in buffer BUFFER. */
671 unlock_buffer (buffer
)
672 struct buffer
*buffer
;
674 if (BUF_SAVE_MODIFF (buffer
) < BUF_MODIFF (buffer
)
675 && STRINGP (buffer
->file_truename
))
676 unlock_file (buffer
->file_truename
);
679 DEFUN ("file-locked-p", Ffile_locked_p
, Sfile_locked_p
, 0, 1, 0,
680 "Return nil if the FILENAME is not locked,\n\
681 t if it is locked by you, else a string of the name of the locker.")
683 Lisp_Object filename
;
686 register char *lfname
;
688 lock_info_type locker
;
690 filename
= Fexpand_file_name (filename
, Qnil
);
692 MAKE_LOCK_NAME (lfname
, filename
);
694 owner
= current_lock_owner (&locker
, lfname
);
700 ret
= build_string (locker
.user
);
703 FREE_LOCK_INFO (locker
);
708 /* Initialization functions. */
714 boot_time_initialized
= 0;
720 defsubr (&Sunlock_buffer
);
721 defsubr (&Slock_buffer
);
722 defsubr (&Sfile_locked_p
);
725 #endif /* CLASH_DETECTION */