nspawn-vault-web v0.1.0-26
Fixes a real race condition in how config files are written
(notify.conf, gfs.conf, <host>/containers, <host>/notify-email).
Every writer now goes through a temp-file + atomic rename
(os.replace()) instead of writing straight onto the target file in
place. The previous approach truncated the existing file before writing
the new content, leaving a narrow window where a concurrent reader -
check-stale.sh's 30-minute timer sourcing notify.conf, or an admin
clicking "send test email" right as a settings save is in flight - could
read a half-written file.
Why
Found live while setting up the new SMTP relay from v0.1.0-25: several
"send test email" attempts returned an intermittent curl "login denied",
some immediately following an Admin save. Config writes weren't atomic,
so a reader could occasionally catch the file mid-rewrite.
Verified
- A 200-write/4000-read concurrent stress test locally: zero partial
reads with the fix, reproducible torn reads without it. - Re-ran the existing shell-quoting injection test against the
refactored write path - still inert. - Live on the production vault: repeated test-email sends immediately
after saving settings, no further curl "login denied" errors.